Overview
- ManoMano says the January 2026 intrusion stemmed from unauthorized access at a customer‑service subcontractor.
- Exposed details vary by user and may include names, emails, phone numbers, and customer‑service exchanges.
- The company reports no password access or data changes on its own systems.
- Access for the subcontractor was revoked as ManoMano tightened controls and notified CNIL, ANSSI, and the Cyber Emergency Île‑de‑France platform.
- A hacker using the alias Indra claims 37.8 million accounts and support tickets were stolen, with reports of a Zendesk link and a Tunis‑based provider remaining unconfirmed as the probe continues.