Leak at AG2R la Mondiale (via Itelis)
Disclosed in November 2025, a cyberattack on Itelis — the optical-care third-party network used by insurer AG2R la Mondiale — exposed beneficiaries' names, dates of birth, social security numbers, reimbursement records and vision-correction data for optical coverage handled between 2020 and early 2022.
- Victim
- AG2R la Mondiale
On 25 November 2025, AG2R la Mondiale — one of France's largest social-protection and insurance groups — notified beneficiaries of a data breach originating not in its own systems but at Itelis, the optical-care partner network it relies on to connect opticians and process eye-care reimbursements. Itelis (part of the Axa healthcare-partner ecosystem) disclosed a cyberattack on 24 November 2025; AG2R la Mondiale began alerting affected members by email from 23 November.
The compromise reportedly stemmed from unauthorized access to the Itelis platform — early indications point to compromised employee credentials rather than a direct database breach. Because the exposed data flowed through a shared third-party processor, multiple insurers and mutuals beyond AG2R were affected. The records concerned optical coverage handled between 2020 and the first quarter of 2022.
Exposed data categories include:
- Last name and first name
- Date of birth
- Social security number (NIR)
- File / reimbursement records
- Vision-correction data
- Phone number (in some cases)
Bank details, postal and email addresses, and login credentials were reported as not affected. French press estimated up to 1.6 million beneficiaries across all client insurers could be concerned, though no figure specific to AG2R la Mondiale's portfolio was confirmed. AG2R la Mondiale notified the CNIL and filed a criminal complaint with the public prosecutor, and warned members to be vigilant against phishing attempts exploiting the leaked details.
Sources
- next.inkhttps://next.ink/brief_article/fuite-de-donnees-personnelles-chez-itelis-axa-nom-dossier-correction-numero-secu/
- clubic.comhttps://www.clubic.com/actualite-518218-un-nouveau-prestataire-de-sante-francais-touche-par-une-cyberattaque-visant-les-donnees-personnelles-des-assures.html
- stroople.comhttps://www.stroople.com/data-breach-observatory/data-breach-itelis-november-2025/