A threat actor has claimed responsibility for an alleged breach involving Slovak fitness apparel brand NEBBIA, publishing what they describe as the first batch of customer documents while threatening to release hundreds of thousands more.
Unlike many recent breach claims centered on databases or source code, the alleged incident involves customer invoices, shipping records, and order documents that could expose detailed purchasing histories if authentic. According to the forum post, 32,340 customer documents have already been released, with another 285,662 allegedly scheduled for publication.
Order documents allegedly exposed
Headquartered in Žilina, Slovakia, NEBBIA is an international fitness apparel brand that sells premium activewear through its online store and retail partners across Europe and other markets.
The threat actor claims the exposed material includes customer order documentation generated during the purchasing and fulfillment process. According to the listing, the alleged leak contains:
- Customer names
- Billing addresses
- Email addresses
- Phone numbers
- Order dates
- Purchased products and quantities
- Order totals
- Payment method information
- Shipping labels
- Packing slips
- Invoices
If authentic, the exposed records could provide attackers with detailed purchase histories alongside personally identifiable information, making affected customers more susceptible to phishing, identity fraud, and social engineering attacks.
Sample files appear to contain recent orders
BreachNews reviewed sample PDF documents included with the forum listing. One appears to be a courier shipping label containing a recipient’s full name, delivery address, telephone number, shipment details, and sender information. The second appears to be a customer invoice listing purchaser details, billing and shipping addresses, email address, telephone number, purchased products, payment method, tax calculations, and the total order value.
The sample documents also appear to relate to orders processed between late June and early July 2026, suggesting the alleged records, if authentic, may be relatively recent rather than historical archives.
While the sample files appear consistent with genuine order fulfillment documents, BreachNews has not independently verified that the alleged dataset originated from NEBBIA or that the claimed number of affected records is accurate.
Threat actor claims more documents remain
The forum listing advertises the current release as only the first stage of the alleged breach. According to the threat actor, more than 285,000 additional customer documents remain unpublished and may be released at a later date.
The post includes several screenshots presented as evidence and offers a downloadable archive through the forum. BreachNews is not reproducing or linking to the alleged leaked material.
Pattern of recent breach claims
The alleged NEBBIA breach is the latest in a series of customer data leaks attributed to the same threat actor. In recent weeks, BreachNews has also reported on the alleged breach of AL’s Sporting Goods, the alleged leak of 688,193 George Brown Sports Clubs member records, and an alleged patient data breach affecting a Houston orthopedic practice.
Company statement
The threat actor further alleges that NEBBIA was aware of a security incident involving customer information. BreachNews has not independently verified that claim.
BreachNews contacted NEBBIA requesting comment on the alleged breach and the documents referenced in the forum post.
NEBBIA had not issued a statement regarding the alleged incident at the time of publication.











