1. Forum
  2. tqwNet
  3. TQW GENTECH

  • Top PC components store denies data breach - PcComponentes says i

    From TechnologyDaily@1337:1/100 to All on Thu Jan 22 12:15:08 2026
    Top PC components store denies data breach - PcComponentes says it is safe, despite hacker claims

    Date:
    Thu, 22 Jan 2026 12:05:00 +0000

    Description:
    PcComponentes says it did not lose data in a breach, but through a credential stuffing attack.

    FULL STORY ======================================================================PcCompon entes denies breach claims, confirming only a credential stuffing attack occurred Hacker alleged 16.3m records stolen; company says far fewer accounts were affected Future logins require CAPTCHA and mandatory two-factor authentication for added security

    Spanish PC components retailer PcComponentes has denied suffering a big data breach - but did confirm it suffered a credential stuffing attack.

    A cybercriminal recently posted a new thread on an underground forum,
    claiming to have stolen sensitive data from the company. Offering the archive for sale, the hacker - named daghetiaw - says it contains 16.3 million records, including peoples names, postal addresses, IP addresses, product wishlists, and customer support messages generated through Zendesk.

    To prove the authenticity of their claims, the hacker also published a sample of 500,000 records. Weird campaign

    Soon after, PcComponentes published a notice on its website, saying it was never breached and that the claims the hacker made are false.

    There has been no illegitimate access to our databases or internal systems, the company said, as per a machine-translated notice.

    The figure of 16 million customers supposedly affected is false, as the
    number of active accounts on PcComponentes is markedly lower.

    The company then explained that its investigation showed it suffered a credential stuffing attack. A threat actor obtained login credentials elsewhere on the dark web and tried to use them on the platform.

    Customers who use the same password across multiple services were most likely broken into, and whatever information they stored in their account, was most likely nabbed.

    Still, PcComponentes downplayed this incident, as well, saying only a handful of customers were affected, and the data stolen was not that important.

    Likewise, illegitimate access has not been massive, that is, only some customers have been affected, it said. The bank details have not been compromised in any case since PcComponentes does not store them. For this reason, there is no risk of bank details being stolen, it explained.

    Customer passwords are never stored in our database.

    Through credential stuffing, the cybercriminal was able to grab peoples
    names, IDs, postal addresses, IP addresses, and phone numbers.

    Going forward, all users logging in will first have to solve a CAPTCHA and will have to set up 2FA .

    Via BleepingComputer

    Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the
    Follow button!

    And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/top-pc-components-store-denies-data-bre ach


    --- Mystic BBS v1.12 A49 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)