Brazilian Book Buyers Beware: The Editora Mizuno Breach Dumped 15,664 Customer Records

In November 2022, customer data from Editora Mizuno, a Brazilian ecommerce platform selling books and educational materials, appeared on a well-known hacking forum. The breach exposed 15,664 records containing full names, email addresses, and phone numbers -- exactly the kind of personally identifiable information that makes targeted phishing campaigns easy to execute. For Brazilian consumers who purchased from the platform, the risk is concrete: their contact details are now freely available to anyone browsing the forum where the data was posted.

Why This Is Dangerous

Breaches that expose names, phone numbers, and email addresses together create ideal conditions for social engineering. An attacker who knows your name, has your phone number, and can send you a convincing email is equiped to impersonate a bank, delivery service, or government agency with high credibility. In Brazil, where SMS phishing (smishing) and WhatsApp scams have become widespread, this combination of data is particularly actionable. The data was shared on a hacking forum, meaning it has likely been downloaded and redistributed across multiple channels since first apearing in November 2022.

What Was Exposed

• 15,664 total customer records exposed
• Email addresses used for account registration
• Phone numbers enabling direct contact and SMS attacks
• First and last names enabling personalized targeting
• No passwords included in this breach
• Leak date: November 26, 2022
• Distribution: Popular hacking forum

Why This Matters

Even without passwords, a breach of this type carries real risk. Attackers use name plus email plus phone combinations to build highly convincing phishing messages. They can send emails that address you by name, reference your real phone number for fake verification steps, or call directly with fabricated urgency. For customers of a Brazilian educational publisher, the most likely vectors are fake invoice emails, delivery notification scams, and impersonation of financial institutions. The data's presense on a public hacking forum means it has been indexed and is searchable by threat actors globally.

How Database Breaches Work

A database breach occurs when an attacker gains unauthorized access to a company's stored customer data, typically through SQL injection, misconfigured cloud storage, or compromised admin credentials. In ecommerce platforms, customer databases are high-value targets because they aggregate personal information across potentially thousands of transactions. Once extracted, the data is often formatted and posted to hacking forums where it can be downloaded freely or traded. Editora Mizuno's breach follows this standard pattern, with the database appearing on a known forum weeks after the initial compromise.

Check If You Are Affected

HEROIC's free scanner checks your email against 400 billion+ compromised records, including the Editora Mizuno breach and thousands of other databases shared on hacking forums. If your email address was in this dump, you will see it immediately along with every other breach it has appeared in. Run a free check now.