Leak at Allegro Musique
On 28 December 2025, a database of 161,412 members of French at-home music-lesson provider Allegro Musique was leaked, exposing names, postal addresses, emails, phone numbers, social security numbers and registration details.
- Victim
- Allegro Musique
- records
- 161.4K
On 28 December 2025, Allegro Musique — a French company providing at-home music lessons through a national network of teachers — had a database containing the records of 161,412 members exposed and offered by a threat actor. The dataset covers both students and instructors associated with the platform.
The leak is reported to stem from the compromise of an internal customer-management system (CRM) or administrative portal used to coordinate lessons. The exfiltrated records were subsequently marketed to other actors, raising the risk of targeted phishing, vishing and social-engineering attacks against the exposed individuals.
The exposed data reportedly includes:
- Full name (first and last name)
- Postal address
- Email address
- Phone number
- Social security number
- Registration and termination dates
- Content of listings / lesson requests
As of disclosure the data was circulating among threat actors, and the incident remains ongoing. The presence of social security numbers alongside contact details makes the leak particularly sensitive and would fall within the scope of the French data-protection regulator (CNIL) under the GDPR.
Sources
- bonjourlafuite.eu.orghttps://bonjourlafuite.eu.org/#Allegro%20Musique-2025-12-28
- brinztech.comhttps://www.brinztech.com/breach-alerts/brinztech-alert-alleged-database-of-allegro-musique-exposed