134,209 Wobz (formerly Dalvin) customers: claimed data leak
On 17 January 2026, a threat actor claimed to have leaked a Wobz (formerly Dalvin) customer database of about 134,209 records, exposing customer and corporate names, email addresses, internal security keys and GoCardless payment identifiers.
- Victim
- Wobz (formerly Dalvin)
- records
- 134.2K
On 17 January 2026, Wobz β a French distribution company (formerly trading as Dalvin) specializing in customized reusable cups and related distribution solutions β was named as the victim of a claimed data leak. A threat actor advertised what was described as the company's "Wobz-print" customer database, said to contain roughly 134,209 records, and made it available on a data-leak channel.
The dataset reportedly mixed individual and corporate client records. According to threat-intelligence reporting on the listing, the exposed fields went beyond ordinary contact details, which raises the stakes for affected customers.
Exposed data categories reported include:
- Names (individuals and legal entities)
- Email addresses
- Internal security keys / authentication tokens
- GoCardless payment identifiers (direct-debit processing IDs)
The combination of authentication tokens and payment-platform identifiers is notable: it could enable abuse of direct-debit mandates as well as business-email-compromise attacks against Wobz's corporate clients. The breach remains a claim attributed to a threat actor; the attack vector was not disclosed, and there is no confirmed public statement from Wobz or a regulator at the time of reporting. Status is therefore unknown.
Sources
- fuitesinfos.frhttps://fuitesinfos.fr/article/2026-01-17-wobz-ex-dalvin
- brinztech.comhttps://www.brinztech.com/breach-alerts/brinztech-alert-the-alleged-database-of-wobz-distribution-is-leaked/