A database with names, addresses, telephone numbers and e-mail addresses of approximately 200,000 customers of Raven Hengelsport is on the street.
The data has been offered for sale on a forum where criminals are more likely to trade in stolen personal information.
Raven is one of the largest suppliers of fishing equipment in the Netherlands.
The company has four branches in our country, but says that the data breach only contains data from people who had an account with the webshop.
"We are pleased that there were no bank details and passwords in between. But this is annoying for our customers, because they can become a victim of phishing," Dennis de Jong of the angling chain said to NU.nl.
In this form of fraud, a scammer sends a message on behalf of another party, often with the aim of luring the potential victim to a rogue site.
The more personal information a criminal has, the more convincing an email or text message can be.
Data was offered for a few hundred euros
The data breach arose after Raven got a new webshop in November, according to De Jong.
The database with customer data from around 2018 turned out to be publicly accessible by accident.
The angling chain was notified in March that the data was for sale online for $400 (almost $340).
That same day, the trading forum's database disappeared.
"He was gone very quickly. Maybe someone bought it and demanded exclusive rights," De Jong suggests.
"But once it's offered, it's on the street."
"We ourselves did what we had to do: removed the file from our own site, informed the Dutch Data Protection Authority and informed our customers."