Miinto: Fashion mart Miinto unzips breach details, warns shoppers to watch for phisherfolk

Miinto: Fashion mart Miinto unzips breach details, warns shoppers to watch for phisherfolk

Miinto Confirms Data Breach Exposing Customer Order Information

Danish e-commerce platform Miinto has notified customers of a security incident in which an unauthorized party accessed its internal order management system. The breach, disclosed via email this week, may have exposed personal data tied to customer purchases, though the company has not revealed the full scale of the compromise or the attack vector.

According to the notification, the exposed data includes names, email and physical addresses, phone numbers, and payment method details such as card type (e.g., Visa, Mastercard) or pay-later services like Klarna. However, full card numbers and verification codes were not accessed. Miinto warned customers to remain vigilant against phishing attempts, as attackers could use the stolen data to craft convincing fraudulent messages.

The company stated it has contained the breach, removed the intruder from its systems, and enhanced security measures, including stricter access controls for its order management system. Miinto also reported the incident to law enforcement and data protection authorities but has not issued a public statement or responded to media inquiries.

Founded in 2009, Miinto operates in 14 countries and reported an 86% revenue increase in January, reaching 869 million kr ($132.9 million) in annual earnings. The breach underscores the risks faced by online marketplaces handling sensitive customer data.

Source: https://www.theregister.com/security/2026/07/10/miinto-fesses-up-to-breach-says-customers-open-to-phishing/5269891

Miinto cybersecurity rating report: https://www.rankiteo.com/company/miinto-group

"id": "MII1783686300",
"linkid": "miinto-group",
"type": "Breach",
"date": "7/2026",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'industry': 'Retail/E-commerce',
                        'location': 'Denmark',
                        'name': 'Miinto',
                        'size': '869 million kr ($132.9 million) annual '
                                'earnings',
                        'type': 'E-commerce platform'}],
 'customer_advisories': 'Warned customers to remain vigilant against phishing '
                        'attempts',
 'data_breach': {'personally_identifiable_information': 'Yes',
                 'sensitivity_of_data': 'High (personally identifiable '
                                        'information and payment details)',
                 'type_of_data_compromised': ['Names',
                                              'Email addresses',
                                              'Physical addresses',
                                              'Phone numbers',
                                              'Payment method details (card '
                                              'type, pay-later services like '
                                              'Klarna)']},
 'description': 'Danish e-commerce platform Miinto has notified customers of a '
                'security incident in which an unauthorized party accessed its '
                'internal order management system. The breach may have exposed '
                'personal data tied to customer purchases, including names, '
                'email and physical addresses, phone numbers, and payment '
                'method details such as card type or pay-later services like '
                'Klarna. Full card numbers and verification codes were not '
                'accessed. Miinto warned customers to remain vigilant against '
                'phishing attempts.',
 'impact': {'data_compromised': 'Personal data tied to customer purchases',
            'identity_theft_risk': 'High (due to exposed personal data)',
            'payment_information_risk': 'Moderate (card types exposed, but not '
                                        'full card numbers or verification '
                                        'codes)',
            'systems_affected': 'Internal order management system'},
 'references': [{'source': 'Miinto Customer Notification'}],
 'regulatory_compliance': {'regulatory_notifications': 'Reported to data '
                                                       'protection '
                                                       'authorities'},
 'response': {'communication_strategy': 'Customer notification via email',
              'containment_measures': 'Removed the intruder from systems',
              'law_enforcement_notified': 'Yes',
              'remediation_measures': 'Enhanced security measures, including '
                                      'stricter access controls for the order '
                                      'management system'},
 'title': 'Miinto Data Breach Exposing Customer Order Information',
 'type': 'Data Breach'}
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.