Leak at Jeu Jouet
French online toy retailer JeuJouet.com warned customers in April 2026 that its Magento e-commerce platform was compromised in a mass exploitation campaign, potentially exposing names, email addresses, account credentials and order data; no banking details were affected.
- Victim
- Jeu Jouet
On 17 April 2026, JeuJouet.com β a French online toy and games retailer β notified its customers by email that its e-commerce platform had been caught up in a cyberattack. The breach stemmed from a vulnerability in the Magento (Adobe Commerce) platform, part of a mass exploitation campaign that compromised more than 7,500 online stores worldwide; the same flaw hit other French retailers, including Moulin Roty, which sent customers an identical notice.
The company said its store was exposed during the incident but stated it had no evidence allowing it to confirm with certainty that customer data had been compromised. Banking details were not affected. The data potentially at risk includes:
- Names and surnames
- Email addresses
- Customer account identifiers/credentials
- Order information
JeuJouet said it put immediate security measures in place after discovering the incident and urged customers to change their passwords, use a unique login distinct from other services, and stay alert to fraudulent emails, SMS messages or calls exploiting the brand's name. No count of affected accounts has been confirmed.
Sources
- cyberattaque.orghttps://www.cyberattaque.org/jeujouet-com-alerte-ses-clients-apres-une-cyberattaque-sur-son-e-commerce/
- frenchbreaches.comhttps://frenchbreaches.com/alertes/moulin-roty-mo48r43oxyvhpucthkk
- solutions-numeriques.comhttps://www.solutions-numeriques.com/e-commerce-une-nouvelle-generation-de-skimmers-et-des-attaques-massives-ciblent-magento/
- bonjourlafuite.eu.orghttps://bonjourlafuite.eu.org/#Jeu%20Jouet-2026-04-17