Brinztech Alert: The Alleged Data of PCComponentes are on Sale

Dark Web News Analysis

The dark web news reports a major data privacy incident involving PCComponentes, one of Spain’s leading e-commerce platforms for technology and electronics. A threat actor known as “daghetiaw” on a hacker forum is claiming to sell a database containing 16.3 million user records.

The dump, allegedly extracted in January 2026, purportedly includes highly sensitive Personally Identifiable Information (PII). The listed fields include Full Names, Email Addresses, Bcrypt-hashed Passwords, Salts, DNI/NIF (Spanish National ID), Phone Numbers, Physical Addresses, Dates of Birth, and Genders. While the company denies a direct breach of their central database, they have confirmed detecting a massive “credential stuffing” attack targeting their users.

Key Cybersecurity Insights

Breaches of major e-retailers are “Tier 1” consumer threats because they combine financial habits with high-value identity documents:

• The DNI/NIF Risk: The exposure of DNI/NIF (Documento Nacional de Identidad) numbers is critical. In Spain, this ID number is the cornerstone of all legal and financial contracts. Attackers can use the DNI combined with Full Names and Addresses to commit identity theft, sign up for fraudulent phone contracts, or take out micro-loans in the victim’s name.
• Credential Stuffing at Scale: The company states this was a Credential Stuffing attack, where attackers use password lists from other breaches to break into PCComponentes accounts. However, the presence of “Bcrypt hashes and Salts” in the hacker’s listing suggests the attacker may have deeper access than just the front-end login, or they are aggregating data from multiple sources to create a “combolist.”
• Zendesk & Support Ticket Leaks: Reports indicate the leak may also contain Customer Support Messages (Zendesk tickets). This exposes private conversations about broken products, warranties, or refunds, which can be weaponized for “Tech Support Scams” posing as PCComponentes service agents.
• The “16 Million” Discrepancy: The attacker claims 16.3 million records, while PCComponentes argues they have fewer active accounts. This discrepancy often implies the attacker is selling a “mixed” database—combining valid PCComponentes data with older, irrelevant data to inflate the price.

Mitigation Strategies

To protect digital identities and financial assets, the following strategies are recommended:

• Forced Password Reset: PCComponentes has reportedly invalidated active sessions. Users must immediately set a new, unique password. Do not reuse this password on any other site.
• 2FA Enforcement: Users should immediately enable Two-Factor Authentication (2FA) on their PCComponentes account. The company has reportedly made this mandatory or highly recommended following the attack.
• Phishing Vigilance: Be extremely suspicious of emails or SMS messages claiming to be from PCComponentes asking for “payment verification” or “delivery confirmation.” Scammers will use the leaked order history to make these messages look authentic.
• Identity Monitoring: Spanish users should monitor their bank accounts for small, unauthorized charges and consider checking with credit bureaus (like ASNEF) to ensure no fraudulent loans have been opened using their DNI.

Secure Your Business with Brinztech — Global Cybersecurity Solutions

Brinztech protects organizations worldwide from evolving cyber threats. Whether you’re a startup or a global enterprise, our expert solutions keep your digital assets safe and your operations running smoothly.

Questions or Feedback?

For expert advice, use our ‘Ask an Analyst’ feature. Brinztech does not warrant the validity of external claims. For general inquiries or to report this post, please email us: contact@brinztech.com