ComptoirDuReve.fr: a leak exposes the contact details of 42,000 customers
On 17 April 2026, the French bookstore e-commerce site ComptoirDuReve.fr was reported to have suffered a data leak exposing a database of nearly 42,000 customers, including names, titles and full postal addresses usable for targeted fraud.
- Victim
- ComptoirDuReve.fr
- records
- 42.0K
On 17 April 2026, ComptoirDuReve.fr — the online storefront of a specialist French bookshop (comics, graphic novels and manga, based in Toulouse) — was reported to have suffered a data leak in which a database covering nearly 42,000 customers was put into circulation.
According to the cyberattaque.org tracker that disclosed the incident, the leaked file was a roughly 10.5 MB JSON export of the site's customer base. The attack vector was not specified, and no group publicly claimed responsibility.
The exposed records reportedly included:
- Title (civilité), surname and first name
- Full postal addresses, including postal code, city and country
- Order and account information
Although the dataset does not appear to contain passwords or payment details, its combination of full identity and address fields makes it particularly exploitable for targeted fraud and phishing campaigns. As of disclosure, no official statement from ComptoirDuReve.fr had been reported, and the status of any remediation or CNIL notification remains unknown.
Sources
- cyberattaque.orghttps://www.cyberattaque.org/comptoirdureve-fr-une-fuite-expose-les-coordonnees-de-42-000-clients/