FeR Miniatures

We've been tracking an uptick in breaches targeting smaller, niche e-commerce sites, often overlooked in favor of larger retail targets. What really struck us about this particular incident wasn't the scale, but the specific nature of the affected business and the surprisingly comprehensive PII included. The data had been circulating quietly, but we noticed its appearance on a well-known hacking forum and the potential impact on a very specific community of hobbyists. The combination of detailed customer data with a retailer specializing in collectibles raises concerns about targeted social engineering and potential physical security risks for its customer base.

FeR Miniatures Breach Exposes 3.9k Hobbyist Records on Hacking Forum

In August 2025, a dataset originating from FeR Miniatures, a Spanish retailer of resin miniatures, surfaced on a prominent hacking forum. The breach impacted 3,899 users and included a concerning array of Personally Identifiable Information (PII). This incident highlights the vulnerability of smaller e-commerce platforms and the potential for targeted attacks based on customer interests.

The breach was discovered on August 14, 2025, when a member of a hacking forum posted a link to the database dump. What caught our attention was the inclusion of not just email addresses and password hashes, but also full names, physical addresses, and geographic locations. This level of detail could be leveraged for more sophisticated attacks, such as phishing campaigns targeting specific hobbyist interests or even physical stalking.

This breach matters to enterprises because it demonstrates that even small businesses are attractive targets for data theft. The sensitive nature of the data, combined with the specific interests of the customer base, increases the risk of targeted attacks. It also highlights the importance of robust security measures for all online retailers, regardless of size.

Key point: Total records exposed: 3,899

Key point: Types of data included: Email Address, Username, pHpass password hashes, First Name, Last Name, Physical Address, Geographic Location, Date

Key point: Sensitive content types: PII

Key point: Source structure: Database dump

Key point: Leak location: Prominent hacking forum

Key point: Date of first appearance: August 14, 2025

While there has been no mainstream media coverage of this specific incident as of yet, the trend of targeting e-commerce platforms for customer data is well-documented. For example, BleepingComputer has reported extensively on similar breaches affecting smaller online retailers. The reuse of pHpass, an outdated hashing algorithm, is also a recurring theme in many of these breaches, as discussed in various security blogs and forums. This suggests a lack of up-to-date security practices within the affected organization.

Email · Address · Username · Password · Hash · First · Name · Last