Is My Personal Information Safe After the Recent ManoMano and FunderNation Data Breaches?

What Steps Must I Take to Protect My Bank Details Following the February 2026 Cyberattacks?

February 18, 2026

Recent cybersecurity incidents have compromised sensitive user data at two major platforms: the home improvement marketplace ManoMano and the investment platform FunderNation. Investigations confirm that unauthorized actors accessed personal customer information in both cases.

If you use either service, you must act now to secure your digital identity.

Security Incident at ManoMano

ManoMano, a prominent online marketplace operating under manomano.de, connects buyers with third-party sellers for home, garden, and DIY products. While the platform facilitates transactions for items ranging from bathtubs to pet food, a breach at a service partner has exposed customer data.

The Breach Vector: Third-Party Compromise

On February 11, 2026, ManoMano notified customers regarding a cyberattack targeting one of its external customer service providers. Forensic analysis traces the intrusion to January 2026, when attackers compromised a subcontractor employee’s account to unlawfully extract data.​

Reports indicate the breach likely involves the customer support platform Zendesk, with threat actors claiming access to millions of ticket headers and user records.

Exposed Information

The compromised data includes:

• First and last names
• Email addresses and telephone numbers
• Full logs of interactions with customer service

Current Status

ManoMano identified and blocked the compromised account immediately upon discovery. The company revoked the subcontractor’s access to customer data and deployed stricter access controls across its supply chain. Authorities including the CNIL (French Data Protection Authority) and ANSSI (French Agency for Information Systems Security) have been notified.​

Security Incident at FunderNation

FunderNation, a digital crowd-investing platform for the DACH region, allows private investors to fund startups and growth companies. The firm detected a severe security intrusion on February 10, 2026.

The Breach Vector: Direct System Intrusion

Unlike the ManoMano incident, this attack targeted FunderNation’s core infrastructure. Although the company maintains high security standards, attackers successfully bypassed defenses. Forensics teams are currently analyzing the entry points, but the scope appears critical.

The Extortion Threat

This incident involves more than data theft; it includes active extortion. Attackers claim to possess sensitive internal data and have threatened to publish it on the dark web unless a ransom is paid. The Hessian State Criminal Police Office (LKA) is investigating under case number ST/0156781/2026.

Exposed Information

Users should assume the following data is compromised:

• Contact Details: Names, physical addresses, and email addresses.
• Financial Data: Bank account details stored for investment transactions.

Critical Action Plan for Affected Users

The exposure of contact details combined with banking information creates a high risk for targeted phishing and identity theft.

Immediate Steps to Take

1. Verify Sender Identity: Scrutinize every email claiming to be from ManoMano, FunderNation, or your bank. Attackers often use stolen data to make phishing attempts appear legitimate.​
2. Monitor Financial Accounts: Review your bank statements daily for unauthorized direct debits. Dispute suspicious transactions immediately.
3. Reset Passwords: Change your FunderNation password now. If you reuse this password on other sites, update those credentials immediately.
4. Report Suspicious Activity: Forward suspicious FunderNation-related messages to [email protected] and the LKA at [email protected] (reference case ST/0156781/2026).

Contact Channels

ManoMano: Call the dedicated hotline at +49 69 8088 4449 or email [email protected].

FunderNation: Monitor official communications for updates on the forensic investigation.