Healthcare / Online Pharmacy & Para-pharmacy Marketplace / Consumer e-commerce / Spain (Europe)
Spanish online pharmacy and para-pharmacy marketplace selling health, beauty and wellness products across Europe.
The Breach Risk Index (BRI) is a proprietary 0–100 score rating how dangerous a breach is right now, based on how recently the data has been circulating on the dark web and how valuable it is to attackers.
A Promofarma customer database surfaced for sale on a dark-web marketplace in August 2019, containing more than 2.7 million records with roughly 1.28 million unique email addresses and customer names. Promofarma became aware on August 6, 2019 and activated its incident response; Spain's AEPD later dismissed proceedings, finding adequate technical and organizational measures. The data was indexed by Have I Been Pwned.
Full threat analysis, exploitation vectors, and principal guidance below.
10 additional sections · verified field analysis · defensive doctrine
4.9M records analyzed
Promofarma is a Spanish online pharmacy and para-pharmacy marketplace, based in Barcelona, selling health, beauty, personal-care and wellness products from pharmacies across Europe. It operates as a consumer e-commerce platform (part of the DocMorris/Zur Rose group) connecting shoppers with pharmacy sellers.
As a consumer health-and-beauty e-commerce marketplace, Promofarma holds customer-account records including names and email addresses, plus order and contact information; while it is pharmacy-adjacent, the exposed data in this incident centers on customer identity and contact rather than clinical records.
In August 2019 a Promofarma customer database appeared for sale on a dark-web marketplace; the company activated its security protocol, and Spain's data-protection authority (AEPD) later closed proceedings citing adequate safeguards. The dataset was subsequently indexed by Have I Been Pwned.
The breach exposed a large European consumer base to phishing and enrichment risk, with GDPR/AEPD regulatory scrutiny (ultimately closed without penalty). Because the exposed fields are contact-oriented rather than clinical or financial, the impact centers on spam, phishing and profile enrichment.
• Targeted phishing campaigns using exposed email addresses
A healthcare-linked breach: exposure ties a named individual to a provider relationship and, where clinical or insurance data is present, to conditions and treatment. For a high-profile principal the main risk is credible impersonation and enrichment of existing exposure.
Enter your email to check whether your data appears in this breach. We’ll send a 6-digit code to confirm it’s your address.
Be the first to know when new breaches are disclosed. Free forever — confirm your email with a 6-digit code.
Executives, public figures, and high-visibility operators can receive tailored exposure intelligence and hardening guidance.
Request Consultation