We've been tracking a concerning uptick in e-commerce platform breaches across Europe, particularly those impacting smaller, regionally focused businesses. What really struck us about the **Donintimo** breach wasn't the relatively low volume of records, but the speed with which the data appeared on a well-known hacking forum and the simplicity of the attack vector suggested by the data structure. The breach underscores a persistent vulnerability in smaller e-commerce operations: inadequate security practices combined with a treasure trove of customer data.
The **Donintimo** breach, impacting **569** users of the Spanish e-commerce platform, highlights the risks faced by even small online businesses. The compromised data included email addresses, full names, IP addresses, genders, and, critically, password hashes. The breach was first reported on **July 27, 2022**, when it was shared on a popular hacking forum. The relatively small size of the breach makes it easy to overlook, but the nature of the data and the speed of dissemination raise significant concerns.
The data caught our attention because it contains password hashes produced with the relatively weak **MD5** algorithm. This suggests outdated security practices and makes brute-force attacks a viable way for attackers to gain access to user accounts. The combination of personally identifiable information (PII) and potentially cracked passwords could be used for identity theft, phishing campaigns, or credential stuffing attacks on other platforms.
This breach matters to enterprises because it exemplifies a common attack vector: targeting smaller businesses with weaker security postures as a stepping stone to larger targets. Compromised user credentials from **Donintimo** could be used to access other services used by those individuals, potentially including corporate accounts. It also highlights the importance of third-party risk management, as even seemingly insignificant vendors can introduce significant vulnerabilities.
Key point: Total records exposed: 569
Key point: Types of data included: Email Address, Password Hash (MD5), First Name, Last Name, IP Address, Gender
Key point: Sensitive content types: PII
Key point: Source structure: Database
Key point: Leak location(s): Popular hacking forum
Key point: Date of first appearance: July 27, 2022
While this breach didn't receive widespread media attention, similar e-commerce breaches are frequently reported. For example, BleepingComputer often covers breaches of smaller online stores resulting from database misconfigurations or outdated software. These incidents often follow a pattern: initial compromise, data dump on a forum, and subsequent use in malicious campaigns.
The use of MD5 for password hashing is a known security vulnerability. Security researchers have long warned against its use, and numerous tools are available to crack MD5 hashes quickly. This breach serves as a reminder of the importance of using strong, modern hashing algorithms such as bcrypt or Argon2.
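One way to retire MD5 password hashes without forcing a mass reset, shown as an added example (not code from Donintimo or from the original write-up): find the records still on MD5 and re-hash each one at the user's next successful login. It assumes the legacy records are unsalted hex MD5 of the UTF-8 password, and it uses scrypt from Python's standard library as a stand-in for the bcrypt or Argon2 named above so that it runs without third-party packages; the function names and stored-record format are hypothetical.

```python
import hashlib
import hmac
import os
import re

MD5_HEX = re.compile(r"[0-9a-fA-F]{32}")           # shape of a bare MD5 hex digest
SCRYPT = dict(n=2**14, r=8, p=1, maxmem=64 * 1024 * 1024, dklen=32)


def legacy_md5_hex(password: str) -> str:
    """Assumed legacy scheme: unsalted MD5 of the UTF-8 password, hex encoded."""
    return hashlib.md5(password.encode()).hexdigest()


def is_legacy_md5(stored: str) -> bool:
    return MD5_HEX.fullmatch(stored) is not None


def hash_password(password: str) -> str:
    """Salted, memory-hard hash stored as 'scrypt$<salt hex>$<key hex>'."""
    salt = os.urandom(16)
    key = hashlib.scrypt(password.encode(), salt=salt, **SCRYPT)
    return f"scrypt${salt.hex()}${key.hex()}"


def verify_and_upgrade(password: str, stored: str) -> tuple[bool, str]:
    """Return (login_ok, value_to_store); a correct login on an MD5 record re-hashes it."""
    if is_legacy_md5(stored):
        if hmac.compare_digest(legacy_md5_hex(password), stored.lower()):
            return True, hash_password(password)
        return False, stored
    scheme, _, rest = stored.partition("$")
    salt_hex, _, key_hex = rest.partition("$")
    if scheme != "scrypt" or not salt_hex or not key_hex:
        return False, stored                       # unknown format: reject, change nothing
    key = hashlib.scrypt(password.encode(), salt=bytes.fromhex(salt_hex), **SCRYPT)
    return hmac.compare_digest(key.hex(), key_hex), stored


def audit(users: dict[str, str]) -> list[str]:
    """Accounts still on MD5, i.e. the ones exposed to fast offline guessing if dumped."""
    return sorted(name for name, stored in users.items() if is_legacy_md5(stored))


if __name__ == "__main__":
    # Constructed sample records, not data from the breach.
    users = {"ana": legacy_md5_hex("verano2022"), "luis": hash_password("otra-clave")}
    print("before:", audit(users))
    ok, users["ana"] = verify_and_upgrade("verano2022", users["ana"])
    print("login ok:", ok, "after:", audit(users))
```

Accounts that never log in again stay on MD5, so the `audit` list is what drives a forced reset after a cut-off date.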