38,085 customers exposed in a claimed leak at Comptoir du Rêve
On 18 April 2026, the threat actor ChimeraZ claimed to have published a customer database stolen from Comptoir du Rêve, a Toulouse-based comics and manga bookseller, containing 42,606 records tied to 38,085 individuals.
- Victim
- Comptoir du Rêve
- records
- 38.1K
On 18 April 2026, Comptoir du Rêve — a Toulouse-based bookseller specialising in comics, manga and "romantasy", with both physical stores and an online shop — was named in a data leak claimed by the threat actor ChimeraZ. The actor announced that a customer database exfiltrated from the retailer had been published, exposing 42,606 records corresponding to 38,085 distinct individuals.
The disclosure is part of a broader campaign in which ChimeraZ has claimed a string of intrusions against French organisations, leaking customer and member databases on cybercrime forums. The actor has publicly framed the campaign as a demonstration that French organisations are poorly protected. The breach appears to stem from a compromise of the company's e-commerce/customer systems, though the precise intrusion vector has not been publicly confirmed.
Based on the published claim, the exposed data corresponds to the retailer's customer base. Categories typically present in such records — and consistent with the actor's other leaks — include:
- Full names
- Email addresses
- Postal addresses
- Phone numbers
As of the disclosure date, the leak was a claim made by the attacker with the data already circulating; there is no publicly documented confirmation or remediation statement from Comptoir du Rêve, so the status remains unverified.
Sources
- fuitesinfos.frhttps://fuitesinfos.fr/article/2026-04-18-comptoir-du-reve
- x.comhttps://x.com/VECERTRadar/status/2047787703211831723