- Total Records12,797,780
- Unique Emails5,236,979
- Unique First Names11,053,132
- Unique Addresses4,337,229
Inside the 2021 PhoneHouse España Data Breach: What Was Leaked and Who Was Affected?
In April 2021, PhoneHouse España—a major electronics and mobile phone retailer in Spain—found itself at the center of a data breach after a ransomware attack led by the Babuk group. This breach resulted in the exposure of over 12.7 million records containing sensitive customer data. Customers filling out orders, registering for services, or making online purchases in Spain were affected, with the attackers ultimately leaking crucial private information to the public web. This incident quickly became one of the most significant security events of the year in the Spanish retail sector, not only due to the sheer volume of data exposed, but also for the variety of personal details involved.
How Did the PhoneHouse España Data Breach Happen?
The breach occurred in early April 2021 when the Babuk ransomware group managed to gain unauthorized access to PhoneHouse España’s systems. The group successfully exfiltrated a massive set of customer records while holding company systems for ransom. When negotiations failed or demands weren’t met, the attackers published the stolen data online, placing millions of customers at risk of privacy violations, phishing schemes, and potential identity misuse.
What Information Was Exposed?
The scope of the leak was considerable. Exposed records included:
- Email addresses
- Full names
- Nationalities
- Genders
- Dates of birth
- Phone numbers
- Physical addresses (including street, city, state, zip code, and country)
- Company details (where relevant)
This breadth of information could be used for identity fraud or to craft highly convincing phishing attacks against the affected individuals.
Who Was Behind the Attack?
The attackers were associated with the Babuk ransomware group, a collective known for targeting organizations globally and demanding payment in exchange for not leaking stolen data. Their tactics revolved around ransomware deployment coupled with the threat of public data leaks—a pattern seen in several high-profile incidents around this period.
Timeline of the 2021 PhoneHouse España Incident
- Early April 2021: Babuk ransomware actors breach PhoneHouse España’s network.
- Shortly after: Sensitive data belonging to roughly 12.8 million individuals is exfiltrated.
- April 2021: Attackers leak the customer data online when ransom demands are not met, exposing millions to potential misuse.
Frequently Asked Questions About the PhoneHouse España Data Breach
What happened in the PhoneHouse España 2021 data breach?
PhoneHouse España suffered a ransomware attack in April 2021, during which the Babuk group accessed and leaked over 12.7 million customer records containing sensitive personal information.
How many people were affected by the PhoneHouse España breach?
Approximately 12.8 million customer records were compromised in the PhoneHouse España data breach.
What kind of data was leaked in the PhoneHouse España breach?
Leaked data included names, email addresses, phone numbers, birth dates, nationalities, genders, full addresses, and in some cases, associated company details.
Who was responsible for the PhoneHouse España breach?
The breach was carried out by the Babuk ransomware group, known for attacking organizations and leaking stolen data when ransom demands aren’t met.
How can i check if i'm in PhoneHouse España breach?
You can check if your information was part of the PhoneHouse España breach by utilizing the DeHashed search engine.