Massive Data Breach at Spanish Retailer PcComponentes Affects Over 16 Million Customers

A significant cybersecurity incident has potentially compromised the personal data of over 16 million customers of PcComponentes, a leading hardware retailer in Spain. A security firm’s report indicates a significant data filtration, raising concerns about identity theft and financial fraud.

The breach was initially flagged by Hackmanac, a cybersecurity intelligence firm, and attributed to a hacker operating under the alias “daghetiaw.” According to a post on breach Forums, the threat actor claims to possess a database containing data on 16.3 million PcComponentes customers. To demonstrate the validity of the claim, daghetiaw reportedly shared a sample of the database – containing data from 500,000 users – for verification purposes.

The leaked data is extensive, encompassing a wide range of sensitive information. According to a security firm’s analysis shared on X (formerly Twitter), the compromised data includes names, addresses, tax identification numbers (NIF), purchase receipts, invoices, phone numbers, and even details from customer support tickets via Zendesk. Furthermore, the leak potentially exposes banking information, such as credit card types and expiration dates.

Here is the post from Hackmanac on X detailing the breach:

🚨Cyber Alert ‼️🇪🇸Spain – PcComponentesA threat actor using the alias daghetiaw claims to have breached PCComponentes.The dataset reportedly contains data on over 16.3 million individuals,including NIF numbers,orders,invoices,addresses,contact details,Zendesk tickets,… pic.twitter.com/JmArlRxhds- Hackmanac (@H4ckmanac) January 20,2026

As of now, the security firm is still working to independently verify the full extent of the breach. Though, the potential scale of the incident is alarming. “Its database contains more then a million registered people,” one security analyst stated, “You will find a lot of information… including tracking zip codes, first names, last names… as well as banking information.”

PcComponentes has yet to officially confirm the data leak or issue a public statement regarding the matter. Despite the lack of official confirmation, cybersecurity experts strongly advise customers who have made purchases from the Spanish retailer to take immediate action.The recommended steps include changing passwords, updating login credentials, and enabling two-factor authentication whenever possible to safeguard against unauthorized access.

Expanding Cyberattacks in Spain: beniel City Council Targeted

The PcComponentes incident is not an isolated event. Hackmanac also reported a separate cyberattack targeting the Beniel City Council in Spain. This attack, carried out by a ransomware group known as The Gentlemen, disrupted administrative functions by disabling municipal computer systems.

The Gentlemen emerged in mid-2025 and has quickly become a prolific threat actor, conducting over 30 attacks in 17 countries within just five months. Their targets span diverse sectors, including manufacturing, healthcare, aviation, and consumer services. beyond the Beniel City Council, The Gentlemen has reportedly compromised organizations in Mexico, Colombia, the United States, India, and Thailand.

The increasing frequency and sophistication of these cyberattacks underscore the growing threat landscape facing