Pax8 accidentally exposes partner data – 1,800 MSPs have customer info and licensing details exposed
- Pax8 employee mistakenly emailed spreadsheet exposing data of around 1,800 customers
- File contained 56,000 entries with organization names, SKUs, licenses, and renewal dates
- Pax8 requested deletion; criminals reportedly attempted to buy the leaked list
Pax8, a cloud commerce marketplace for Managed Service Providers (MSP), has said it inadvertently exposed sensitive data on about 1,800 of its customers after an employee sent an email with an attachment by mistake.
The company confirmed the news in a follow-up email notifying affected businesses about the mishap.
“Earlier today, 13 January 2026, a Pax8 employee mistakenly sent an email with an attached spreadsheet to fewer than 40 UK-based partners,” the email reads. “The attachment did not contain personally identifiable information. However, the file included limited internal business information reflective of your Pax8 pricing and some Microsoft program management.”
Millions in damages
The email, titled “Potential Business Premium Upgrade Tactic to Save Money”, contained internal pricing and Microsoft program information affecting primarily UK businesses, and one located in Canada.
After reaching out to a few recipients, BleepingComputer learned the CSV file that was attached contained customer organization names, Microsoft SKUs, license counts, and New Commerce Experience (NCE) renewal dates.
There were more than 56,000 entries in the document, the publication further found, including
Partner Name and ID
Customer Name and ID
Vendor Name and Product Name
Gross & Net Bookings
Currency Total Quantity
Territory
Account Owner
Provision Date
Cancelled Book Date
Postal Code
Transaction Type
Commitment Term End Date
Pax8 said the leak will not impact Marketplace availability or security controls and added that it reached out to all recipients and asked for the emails to be deleted and not further distributed.
It is also being reported that cybercriminals are reaching out to the recipients as well, trying to purchase the list. So far, the information has not leaked on the dark web, so it is safe to assume that no one sold just yet.
Pax8 currently has more than 47,000 partners worldwide and operates in 18 countries.
The best antivirus for all budgets
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button!
And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.
