Hacker claims 38Mn accounts stolen via Zendesk in ManoMano data breach
PARIS, FRANCE — French online marketplace ManoMano is grappling with a massive data breach that may have exposed millions of customer accounts after cybercriminals reportedly extracted sensitive information from its customer support platform, Zendesk.
According to a report from En-contact, while the company cited “thousands of customers” affected, a hacker on the BreachForums forum claiming the alias “Indra” claimed to have compromised 37.8 million user accounts, including 935,000 after-sales tickets and over 13,500 attachments across France, Spain, Italy, the United Kingdom, and Germany.
Outsourced Tunisian call center under scrutiny in data leak
The breach highlighted vulnerabilities tied to ManoMano’s outsourcing strategy. The company had relied on a service provider in Tunisia to manage customer support, presumably to reduce costs.
“We tested this call center and found it to be poorly organized, making it difficult to understand why a unicorn company would choose it. Telephone lines ringing into the void, IVR, voice server not working,” the report said.
The operational failures forced the urgent transfer of the customer service department to ADM Value in Madagascar and prompted ManoMano to hire Burson, a global PR firm, to manage potential reputational damage.
Compounding the issue, ManoMano has faced past scrutiny over its so-called “Manodvisors,” who “apparently paid or reimbursed in products to write positive reviews,” illustrating a history of questionable practices in the French marketplace.
Scale of the Zendesk breach: 43GB of data
The hacker’s claims paint a far more alarming picture than the company’s official statements. The stolen data reportedly spans multiple European countries, amounting to roughly 43 GB of information.
When approached for comments, co-founder Christian Raisson along with CEOs, Claire Morvan and Eloïse Nahon, declined to respond.
The expansion of e-commerce through artificial intelligence (AI) and automated systems shows that ManoMano’s security breach demonstrates the ongoing requirement for effective human customer support.
Balancing AI automation with human oversight
The incident underscores the risks associated with the rapid expansion of e-commerce through artificial intelligence (AI) and automated systems. While automation drives efficiency, the breach highlights the ongoing necessity for secure, effective human customer support.
Daily operational hurdles—such as delayed packages, refund disputes, and complex queries—often cannot be fully resolved by chatbots alone. These scenarios require trained advisors capable of empathy and nuanced problem-solving.
Ultimately, the ManoMano case serves as a warning for businesses leveraging international workforce solutions. To avoid compromising data integrity, organizations must enforce rigorous partner evaluations and maintain robust infrastructure that prioritizes security alongside cost savings.
