ManoMano Breach: Massive Data Leak Exposes Personal Information of 38 Million Customers

European DIY Chain ManoMano Data Breach Affects 38 Million Customers

ManoMano, a popular DIY store chain, is currently informing its customers about a significant data breach that occurred due to hackers compromising a third-party service provider.

The breach, which came to light in January 2026, impacted a staggering 38 million individuals, as confirmed by the company to BleepingComputer.

“We can confirm that ManoMano has recently notified customers about a security incident involving one of our third-party customer service providers (a subcontractor),” the company informed BleepingComputer.

The unauthorized access linked to the provider led to the extraction of certain personal data related to customer accounts and interactions with customer service.

ManoMano, a French e-commerce firm known for its online marketplace specializing in DIY, home improvement, and gardening products, operates across various European countries with a substantial online presence.

Earlier reports suggested that a Tunis-based customer support service provider, which suffered a Zendesk breach, was the compromised organization responsible for the breach.

Following the breach, ManoMano has started notifying affected customers about the incident, reassuring that no account passwords were compromised, and no data modifications were made within the company’s systems.

A spokesperson for ManoMano emphasized the importance of immediate action taken to secure their environment, including revoking the subcontractor’s access to customer data and enhancing access controls.

Data Exposed in the Breach

• Full name
• Email address
• Phone number
• Customer service communications

ManoMano stressed that affected customers should remain vigilant against phishing attempts and social engineering, offering guidance on how to safeguard their personal information.

The company’s notification to customers included recommendations such as verifying sender identities, monitoring bank accounts for suspicious transactions, and avoiding clicking on dubious links or email attachments.

ManoMano has been proactive in involving relevant authorities like CNIL and ANSSI and continues to investigate the breach, although technical details are not currently shared publicly.

As cybersecurity threats evolve, it is crucial for individuals and organizations to stay informed and take necessary precautions to protect their data.

Stay Informed with the Red Report 2026

Discover the latest insights on cybersecurity threats in the Red Report 2026. Learn how new malware uses advanced techniques to evade detection and secure your systems effectively.

Download our analysis of 1.1 million malicious samples to uncover top strategies and fortify your security defenses.

Download The Report