A threat actor using the alias "Jeffrey Epstein" has allegedly exfiltrated over 400,000 customer records from the Dutch online retailer Bol.com, posting a data sample as proof. The compromised dataset includes extensive personal information such as names, addresses, phone numbers, email addresses, and order history, though passwords and financial data were reportedly not exposed. Bol.com has publicly denied the breach, stating no evidence of a hack has been found and its systems are operating normally, while the actor is offering the full dataset for sale via encrypted messaging platforms.
Data Security , Threat Intelligence Over 400K records allegedly stolen from major Dutch webshop Bol, data leaked April 21, 2026 Share By SC Staff Major Dutch online store Bol, which also operates in Belgium, had information from more than 400,000 of its Belgian users allegedly compromised by the hacker using the alias "Jeffrey Epstein," reports Cybernews . The hacker posted a sample for customers to download to prove the legitimacy of the breach. The dataset contains personal information of Bol users, including full names, birthdates, phone numbers, tracking numbers, email addresses, full address details, shipping data, payment details, and order history. Passwords and bank data have reportedly not been compromised. Potential buyers could negotiate the price for the stolen data via Telegram or Session. Meanwhile, Bol, which offers more than 56 million products to more than 14 million customers through more than 44,200 sales partners, denied that it has been breached. "We take this report seriously, but we currently have no evidence of a hack or attack. All systems are operating normally, so there is no ransomware involved," said a Bol spokesperson to Tweakers.net. SC Staff Related Government Regulations House OKs short-term renewal for surveillance program SC Staff April 21, 2026 Legislation that would provide a 10-day extension for Section 702 of the Foreign Intelligence Surveillance Act has been approved by the House, representing a setback for President Donald Trump and House GOP leaders, who had sought an 18-month renewal, according to The Record, a news site by cybersecurity firm Recorded Future. Data Security Report: FTP protocol security gaps expose millions of systems SC Staff April 21, 2026 About half of 6 million internet-connected systems using the legacy File Transfer Protocol continue to lack encryption, making them vulnerable to cyberattacks, according to SecurityWeek. Breach France confirms identity document agency hack SC Staff April 21, 2026 The French Interior Ministry has disclosed a cyberattack against the country's National Agency for Secure Documents' ANTS platform, which is being used for driver's license, passport, and ID issuance, according to Security Affairs. Related Events Cybercast Beyond the Hype: The Cybersecurity Trends CISOs are Keeping an Eye on in 2026 On-Demand Event Cybercast Beyond the data perimeter: Why next-generation DSPM is the foundation for modern data security On-Demand Event Virtual Conference Securing the Future of Finance: Strategies to Counter Modern Cyber Threats On-Demand Event Get daily email updates SC Media's daily must-read of the most current and pressing daily news Business Email By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy . Subscribe Related Terms Backdoor Bit Business Email Compromise (BEC) Checksum Covert Channels Cryptographic Hash Functions Cyclic Redundancy Check (CRC) Data Encryption Standard (DES) Information Warfare Reconnaissance You can skip this ad in 5 seconds