Skip to content
Supply chainContained

Leak at Alumni Université Côte d'Azur (via AlumnForce)

In April 2026, alumni data of Université Côte d'Azur was exposed as part of a breach of the AlumnForce platform, leaking names, contact details, education and detailed professional/career information for tens of thousands of graduates, within a wider 2.7-million-record leak across 49 institutions.

Victim
Alumni Université Côte d'Azur

On 10 April 2026, Alumni Université Côte d'Azur — the graduate network of the Université Côte d'Azur in Nice — was named among the victims of a large data breach affecting AlumnForce, a French software provider that powers alumni community platforms for dozens of universities and grandes écoles.

The breach did not originate at the university itself but at its third-party platform provider. According to reporting, an attacker first scraped the Université Côte d'Azur online directory (around 50,000 people), noticed the institution's AlumnForce-powered alumni section, and pivoted to compromise the broader AlumnForce database. The full leak spans roughly 2.7 million profiles across 49 French higher-education institutions, including more than 1.83 million unique email addresses and over 651,000 phone numbers, and was offered for sale on a cybercrime forum.

For Université Côte d'Azur alumni, the exposed records reportedly included:

  • Name and first name
  • Email address and phone number
  • Postal code and city
  • Current job title and professional experience
  • Career path within the alumni network, career aspirations and desired roles
  • Degree obtained and year of graduation, plus skills

The combination of contact details with professional and job-seeking information makes affected graduates particularly exposed to targeted phishing and fraudulent recruiter scams. Several affected institutions confirmed the incident and notified their members, and AlumnForce users were urged to change their passwords and stay vigilant against tailored phishing.

Sources

  1. cyberattaque.orghttps://www.cyberattaque.org/alumnforce-2-7-millions-etudiants-exposes/
  2. le-droit.frhttps://www.le-droit.fr/blog/fuite-donnees-alumnforce-avril-2026
  3. hendryadrian.comhttps://www.hendryadrian.com/alumnforce-data-breach-exposes-2-7-million-user-records/

Related incidents

Supply chainOngoing

Leak at IAE Grenoble (via AlumnForce)

In April 2026, alumni of IAE Grenoble were exposed in a breach of AlumnForce, the third-party platform managing its alumni network; the stolen dataset spanned ~2.7M profiles across 49 French institutions and included names, contact details and full professional/education histories.

Victim
IAE Grenoble
Supply chainOngoing

Leak at ENSAI Network (via AlumnForce)

ENSAI Network alumni data was exposed in the April 2026 breach of its platform provider AlumnForce, which leaked some 2.7 million student and graduate profiles from 49 French institutions — including names, emails, phone numbers, locations, career history and education details — now offered for sale on cybercrime forums.

Victim
ENSAI Network
Supply chainOngoing

Leak at Lilagora (via AlumnForce)

In April 2026, Lilagora — the University of Lille's alumni network — saw its members' data exposed in a breach of its third-party platform provider AlumnForce, part of a wider incident affecting 2.7 million profiles across 49 French institutions, with names, contact details and professional histories leaked.

Victim
Lilagora