Fine art printing users’ bank accounts exposed, attackers claim

Pixtura, an Italy-based fine art printing service provider, was allegedly breached by attackers claiming to have stolen thousands of bank account numbers and ID documents.
The malicious actors claimed responsibility for the attack in a post on a popular data leak forum, which is often used to sell and share stolen details. Their post names Pixtura, a popular Italian fine art printing service, as the breached company.
We have reached out to the company for comment and will update this article once we receive a reply.
Meanwhile, the Cybernews research team analyzed the data sample provided by the attackers. According to the team, the data includes numerous sensitive details that most likely belong to Pixtura’s customers. The exposed data includes:
- User emails
- Hashed passwords
- Full names
- Phone numbers
- Bank account IBANs
- ID numbers
The only silver lining is that not every record includes every single data point on a user. For example, there are significantly more exposed email addresses than there are IBANs. However, the team believes that exposed IDs are most likely legitimate.
Skilled attackers could utilize the leaked information to attempt identity theft, especially in cases where a single user has ID documents, email addresses, and phone numbers exposed.
Users who had their IBAN details exposed likely face the highest risks, as attackers could attempt to impersonate them to take over financial accounts or carry out other forms of financial fraud. However, these attempts would require additional details and work to complete.
More worryingly, the team noticed that some of the exposed passwords were hashed using the notoriously insecure MD5 algorithm, which most attackers can crack. Others were hashed with SHA-256, which is known to be susceptible to brute-force attacks. Still others, however, were hashed with the safe bcrypt method.
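A site operator holding a similar mix of hashes can triage stored password values by scheme to decide which accounts need a forced reset. The sketch below is an added example, not code from Cybernews or Pixtura; it identifies schemes by format only (a heuristic), and the cost threshold, action labels and sample rows are assumptions constructed for illustration.

```python
import hashlib
import re
from collections import Counter

# bcrypt format: "$2a$/$2b$/$2y$", 2-digit cost, then 53 chars (22 salt + 31 digest).
BCRYPT_RE = re.compile(r"^\$2[abxy]\$(\d{2})\$[./A-Za-z0-9]{53}$")
HEX_RE = re.compile(r"^[0-9a-fA-F]+$")
MIN_BCRYPT_COST = 10  # assumed policy threshold, not taken from the article

def classify(stored):
    """Return (scheme, action) for one stored password value."""
    s = stored.strip()
    m = BCRYPT_RE.match(s)
    if m:
        # A slow hash with a very low cost factor is upgraded at next login.
        weak = int(m.group(1)) < MIN_BCRYPT_COST
        return "bcrypt", "rehash_on_login" if weak else "ok"
    if HEX_RE.match(s):
        # Length only suggests the algorithm: other digests share these sizes.
        if len(s) == 32:
            return "md5-like", "force_reset"
        if len(s) == 64:
            return "sha256-like", "force_reset"
    return "unknown", "manual_review"

def audit(rows):
    """Count schemes and list the accounts whose hashes are fast digests."""
    counts, reset = Counter(), []
    for email, stored in rows:
        scheme, action = classify(stored)
        counts[scheme] += 1
        if action == "force_reset":
            reset.append(email)
    return counts, reset

# Constructed sample rows; the bcrypt strings are format placeholders, not real hashes.
SAMPLE = [
    ("a@example.com", hashlib.md5(b"constructed-1").hexdigest()),
    ("b@example.com", hashlib.sha256(b"constructed-2").hexdigest()),
    ("c@example.com", "$2b$12$" + "A" * 53),
    ("d@example.com", "$2a$04$" + "B" * 53),
    ("e@example.com", "not-a-hash"),
]

if __name__ == "__main__":
    counts, reset = audit(SAMPLE)
    print(dict(counts), reset)
```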
Based on the information provided by the attackers, it is likely that malicious actors breached a database containing information on the company’s customers who made online purchases. However, our team did not find any information resembling payment card information.
With Black Friday just around the corner, attackers will likely focus their efforts on targeting as many e-commerce platforms as possible. Recent analysis shows a twenty-fold increase in Black Friday-themed phishing attempts on November 1st, with activity surging to around 8% of all observed emails.
While big names like Amazon, Lidl, Costco, and IKEA sit atop scammers’ Black Friday hit lists, malicious actors don’t shy away from smaller platforms either. One reason is that smaller companies often have smaller security budgets, leaving them more exposed to attacks.