PcComponentes Blocks Credential Stuffing Attack After False Breach Claims
PcComponentes, a major Spanish technology retailer, denied claims of a massive data breach after a threat actor named ‘daghetiaw’ tried to sell 16.3 million customer records. The attacker posted a sample of 500,000 records on a hacking forum, claiming the data came from the company's internal systems.
The retailer claims its security team found no evidence of unauthorized access to its core databases or internal infrastructure; instead, the investigation confirmed that the incident was a credential stuffing attack.
Attackers used login credentials stolen from other services or harvested by infostealer malware to test accounts on the retailer's system. Technical analysis by Hudson Rock confirmed that the leaked email addresses appeared in previous malware logs dating back to 2020, suggesting the data was not stolen directly from the retailer.
The company disputes the scale of the leak but admitted that attackers accessed a limited number of accounts using valid credentials. The exposed data includes:
- First and last names
- National ID numbers
- Physical addresses
- IP addresses
- Email addresses
- Phone numbers
The number of affected individuals is not disclosed.
To stop the automated logins, PcComponentes added CAPTCHA challenges to its login pages. The company also forced all users to log out and invalidated active sessions to clear any unauthorized access. They now require two-factor authentication (2FA) for every account on the platform to prevent future account takeovers.
They urged customers to use unique passwords and stay alert for phishing emails.
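For defenders, the pattern described above (many accounts tested from one source, a few of which succeed with valid credentials) can be surfaced from login logs. The following is an added example, not PcComponentes' or Hudson Rock's code; the event format, function names and thresholds are assumptions, and the log entries are constructed.

```python
from collections import defaultdict

# Constructed sample login events: (source_ip, account, login_succeeded).
# The addresses come from documentation ranges and the accounts are invented.
SAMPLE_EVENTS = (
    [("203.0.113.7", f"user{i}@example.com", i in (3, 8)) for i in range(12)]
    + [("198.51.100.4", "alice@example.com", False)] * 2
    + [("198.51.100.4", "alice@example.com", True),
       ("198.51.100.9", "bob@example.com", True)]
)


def find_stuffing_sources(events, min_accounts=10, max_success_ratio=0.3):
    """Flag sources that try many distinct accounts and mostly fail.

    Both thresholds are assumed values and need tuning against real traffic.
    """
    accounts = defaultdict(set)
    attempts = defaultdict(int)
    successes = defaultdict(int)
    for ip, account, ok in events:
        accounts[ip].add(account)
        attempts[ip] += 1
        successes[ip] += int(ok)
    return {
        ip for ip in attempts
        if len(accounts[ip]) >= min_accounts
        and successes[ip] / attempts[ip] <= max_success_ratio
    }


def accounts_to_reset(events, flagged_sources):
    """Accounts a flagged source logged in to with valid credentials.

    These are candidates for session invalidation and a forced password reset.
    """
    return sorted({acct for ip, acct, ok in events
                   if ok and ip in flagged_sources})


if __name__ == "__main__":
    flagged = find_stuffing_sources(SAMPLE_EVENTS)
    print("Suspected stuffing sources:", sorted(flagged))
    print("Accounts needing reset:", accounts_to_reset(SAMPLE_EVENTS, flagged))
```

Per-source thresholds miss attempts spread across many addresses, so this kind of check complements platform-wide controls such as the CAPTCHA and 2FA measures described above.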