Alleged dataset of 400,000 Bol.com customer records offered on cybercrime forum

A dataset purportedly containing approximately 400,000 customer records linked to Bol.com, a leading e-commerce marketplace in Belgium and the Netherlands, has surfaced for sale on a cybercrime forum, raising concerns about potential data exposure.

The dataset was advertised on the social media platform X by Dark Web Informer, a cybersecurity monitoring entity that tracks underground activity. The seller, operating under the name “Jeffrey Epstein,” claims the data relates to Bol.com customers in Belgium. The individual also asserts that the platform serves around 14 million users and that the dataset includes a range of personally identifiable information.

The allegedly exposed records are described as containing both personal and account-related data. This includes customer names, usernames, email addresses, phone numbers, physical addresses, dates of birth, and account activity details such as registration and last login dates. Additional fields are said to include customer identification numbers, language preferences, and nationality, although the exact nature of the identification data remains unclear.

The dataset also reportedly extends to order and shipping information. Claimed details include delivery addresses, shipping methods, carrier data, tracking numbers, order values, payment methods, and delivery status. Other fields referenced in the listing include return requests, delivery attempts, package specifications, and warehouse dispatch data.

Bol.com, an online retail platform specializing in a wide range of consumer goods across the Benelux region, stated that it has no indication of a security breach. The company confirmed that it is reviewing the claims but reported that its systems are operating normally, with no evidence of unauthorized access, ransomware activity, or data compromise.

At this stage, there is no confirmation that the dataset originates from Bol.com’s infrastructure. The presence of data on underground forums does not necessarily indicate a recent or direct breach, as such datasets can be compiled from older incidents, aggregated sources, or fabricated entries.