Breach Database / Phone House España
Yes — Phone House España was breached.
- 5.2 million accounts affected
- Breach occurred 2021-04-08 · phonehouse.es
- Verified entry in the Have I Been Pwned catalog
What happened
In April 2021, the Spanish retailer Phone House allegedly suffered a ransomware attack that also exposed significant volumes of customer data. Attributed to the Babuk ransomware, a collection of data alleged to be a subset of a larger corpus was posted to a dark web site and contained 5.2M email addresses along with names, nationalities, genders, dates of birth, phone numbers and physical addresses. Phone House has been threatened with further releases if a ransom is not paid.
What data was exposed
- Dates of birth
- Email addresses
- Genders
- Names
- Nationalities
- Phone numbers
- Physical addresses
What to do right now
- Be alert for smishing and SIM-swap attempts. Treat unexpected texts and "carrier" calls with suspicion; add a PIN/port-freeze with your mobile carrier.
- Watch for targeted phishing mail. A leaked home address makes postal and doorstep scams more convincing.
- Expect convincing phishing emails. Attackers use breached details to write personalized emails. Be suspicious of any message referencing this service.
- Check your other accounts on Have I Been Pwned. Your email address may appear in other breaches you don't know about yet.
- Monitor the apps you use going forward. Clearly watches the breach record for the companies behind your apps and alerts you the moment one appears.
Breach data from Have I Been Pwned. Listing here means the service appears in the public breach record — not that your personal data was affected.