ShellCodeX Breach Report
Phone House España Data Breach
phonehouse.es
Verified breach
Accounts exposed
5,223,350
Breach date
08 Apr 2021
Added to tracker
22 Apr 2021
Data classes
7
What happened
In April 2021, the Spanish retailer Phone House allegedly suffered a ransomware attack that also exposed significant volumes of customer data. Attributed to the Babuk ransomware, a collection of data alleged to be a subset of a larger corpus was posted to a dark web site and contained 5.2M email addresses along with names, nationalities, genders, dates of birth, phone numbers and physical addresses. Phone House has been threatened with further releases if a ransom is not paid.
Exposed data
Dates of birth
Email addresses
Genders
Names
Nationalities
Phone numbers
Physical addresses
Recommended actions
- Watch for targeted phishing emails referencing Phone House España — attackers weaponise breach data quickly.
- Stay alert for smishing (SMS phishing) and SIM-swap attempts using your phone number.
- Exposed identity data raises identity-theft risk — consider credit monitoring or a credit freeze.
- Check whether your email address appears in this breach on haveibeenpwned.com.
Am I affected?
Check whether your email address appears in this breach.
Check on HIBP