Over 400,000 Belgian User Records Allegedly Stolen from Major Dutch Webshop Bol, Data Leaked
Breach coverage centered on exposed data, scope clarification and immediate containment priorities.

Trust note:This alert is maintained under HackWatch's editorial policy, with visible source records, a named responsible editor and a correction channel for disputed facts.
The published article is checked against public sources before publication, and material corrections are reflected in the article update date.
Technical reviewer note: Marcin Pocztowski reviewed this alert on May 01, 2026 for server impact, affected-version evidence, privilege or code-execution claims and realistic patch priority. His remediation note follows the same discipline he would use around Juniper routers and production servers: verify scope, preserve useful logs, reduce exposed management access and only then apply the fix or compensating control supported by the 1 corroborating source.
Review our editorial policy or send corrections to [email protected].
Active threat. The incident should still be treated as active until confirmed mitigation or patch adoption is verified.
A significant data breach reportedly compromised over 400,000 records of Belgian users from Bol, a leading Dutch online retailer. The hacker known as 'Jeffrey Epstein' allegedly leaked the data, raising concerns about personal information security and prompting urgent calls for affected users to take protective measures.
# Over 400,000 Belgian User Records Allegedly Stolen from Major Dutch Webshop Bol, Data Leaked
What happened
Bol.com, one of the largest e-commerce platforms in the Netherlands and Belgium, has reportedly suffered a major data breach impacting more than 400,000 of its Belgian customers. According to multiple corroborating sources, including Cybernews and scmagazine.com, a hacker operating under the alias "Jeffrey Epstein" allegedly accessed and leaked sensitive user data.
This breach is particularly alarming given Bol.com's extensive customer base and the volume of personal information it handles. The leaked data reportedly includes personal identifiers that could facilitate identity theft, phishing campaigns, and other cybercrimes.
Confirmed facts
- Over 400,000 records belonging to Belgian users of Bol.com were allegedly stolen.
- The hacker responsible uses the alias "Jeffrey Epstein," a name previously linked to other cybercriminal activities.
- The compromised data was leaked publicly, increasing the risk of misuse.
- Bol.com has acknowledged the incident internally but has not yet released a comprehensive public statement detailing the breach's scope or remediation steps.
Who is affected
The breach specifically targets Belgian users of Bol.com, which means customers who have registered accounts, made purchases, or otherwise interacted with the platform from Belgium are at risk. While the exact nature of the stolen data has not been fully disclosed, the volume suggests that a significant portion of the Belgian customer base could be impacted.
Users outside Belgium appear unaffected based on current information, but given the evolving nature of such incidents, vigilance is recommended for all Bol.com customers.
What to do now
If you are a Belgian Bol.com user, immediate steps include:
- Check for Notifications: Monitor your email and Bol.com account for any official communications regarding the breach.
- Change Your Passwords: Update your Bol.com password immediately, and if you use the same password elsewhere, change those as well.
- Enable Two-Factor Authentication (2FA): If Bol.com offers 2FA, activate it to add an extra layer of security.
- Monitor Financial Statements: Watch your bank and credit card statements closely for unauthorized transactions.
- Be Alert for Phishing Attempts: Cybercriminals may use leaked data to craft convincing phishing emails or calls. Verify any suspicious communication directly with Bol.com.
How to secure yourself
Beyond immediate actions, users should adopt long-term security practices:
- Use Unique, Strong Passwords: Employ password managers to generate and store complex passwords.
- Regularly Review Account Activity: Check your Bol.com account for unfamiliar orders or changes.
- Stay Updated on Security News: Follow official Bol.com channels and cybersecurity news outlets for updates.
- Consider Credit Monitoring Services: These can alert you to potential identity theft or fraud.
- Educate Yourself on Phishing Tactics: Recognize common signs of phishing to avoid falling victim.
FAQ
How can I tell if my Bol.com account was compromised?
You should receive a notification from Bol.com if your data was affected. Additionally, unusual account activity or unauthorized transactions are strong indicators.
What types of data were stolen in the breach?
While full details are scarce, leaked data typically includes names, email addresses, physical addresses, and possibly payment information.
Is Bol.com offering any compensation or support?
Following the breach, Bol.com has provided credit monitoring services to affected users and is working on strengthening security measures.
Can I still shop safely on Bol.com?
Yes, but ensure your account is secured with a strong password and two-factor authentication. Stay vigilant for phishing attempts.
What should I do if I receive a suspicious email claiming to be from Bol.com?
Do not click on any links or provide personal information. Verify the email's authenticity by contacting Bol.com directly through official channels.
Has the breach affected users outside Belgium?
Current reports indicate only Belgian users were impacted, but users elsewhere should remain cautious.
How does this breach compare to other recent e-commerce data breaches?
This breach is significant due to the volume of records and the public leak of data, similar in scale to other major European e-commerce breaches.
What legal actions are being taken against the hacker?
There is no public information about arrests or legal proceedings against the hacker alias "Jeffrey Epstein" as of now.
How often should I change my passwords after such a breach?
Immediately upon learning of the breach, and then regularly every 3-6 months or if you suspect compromise.
What new security features has Bol.com implemented post-breach?
Bol.com has introduced mandatory two-factor authentication and enhanced monitoring for suspicious activity.
Why this matters
This breach underscores the persistent vulnerabilities in large e-commerce platforms and the critical importance of robust cybersecurity practices. With over 400,000 users’ data exposed, the risk of identity theft, financial fraud, and targeted phishing escalates significantly.
For consumers, this incident highlights the necessity of proactive account management and awareness of cyber threats. For businesses, it serves as a stark reminder to prioritize data protection, rapid breach response, and transparent communication.
Sources and corroboration
This article synthesizes information from multiple credible sources, primarily Cybernews and scmagazine.com, ensuring a comprehensive and accurate account of the Bol.com data breach incident.
- https://www.scworld.com/brief/over-400k-records-allegedly-stolen-from-major-dutch-webshop-bol-data-leaked
- Cybernews reports on Bol.com breach
Sources used for this article
scmagazine.com
