Table of Contents
Are You Getting Wrong Kleinanzeigen Emails And Is Your Personal Data Safe?
Recent events highlight a severe technical issue on the classifieds platform kleinanzeigen.de. Users report receiving buyer inquiries for products they do not sell. This situation raises serious privacy and security concerns.
The Core Problem: Misdirected Emails
Martin Schmitt uses kleinanzeigen.de to sell items. In February 2026, he began receiving daily emails from potential buyers. These buyers asked about items listed by other accounts also named “Martin Schmitt.” The other accounts operate in different cities across Germany. Martin lives in Baden-Württemberg and does not sell these specific goods.
His personal account remains secure. Nobody hacked his profile. However, the platform’s system mistakenly routes messages meant for other people directly to his email inbox.
Privacy and Legal Concerns
This routing error creates a massive burden. Martin receives dozens of irrelevant emails every day. He cannot help these buyers. More importantly, this technical flaw shares user communication with unauthorized recipients. Sending messages to the wrong person likely violates the General Data Protection Regulation (GDPR). If one person faces this problem, the platform likely misdirects emails for many other users.
Unhelpful Support Experience
Martin reported this precise issue to the kleinanzeigen.de support team. He provided specific ad IDs and locations. He requested a detailed investigation to stop the emails.
The support team failed to investigate. They sent an automated email on February 27, 2026. They blamed high inquiry volumes, asked for patience, and told him to read the help section. They provided zero actual assistance.
The OPP Payment Security Flaw
A second critical issue involves the Online Payment Platform (OPP). Kleinanzeigen.de uses OPP for secure payments.
A different user changed his registered email address on both kleinanzeigen.de and OPP. OPP successfully updated the contact email. However, OPP still uses the old email address as the permanent username for logging in. The password reset function also relies on this old email address.
OPP support stated this design does not matter. They are wrong. If a user loses control of their old email address, an attacker can register that old address. The attacker can then request a password reset and take over the OPP financial account.
How to Protect Your Account
As a user, you must take active steps to protect your data.
- Monitor your inbox daily for messages regarding items you did not list.
- Document all misdirected emails with screenshots and ad IDs.
- Report any data routing errors directly to your local data protection authority.
- Keep permanent control of the original email address you used to register for OPP.
- Never let your old email domains expire or fall into the hands of strangers.