Leak at Alumni Université de Strasbourg (via AlumnForce)
On 8 April 2026, the alumni network of the University of Strasbourg was exposed as part of a wider compromise of the AlumnForce platform, leaking members' names, contact details, education history and professional career data across 49 French institutions (~2.7M profiles in total).
- Victim
- Alumni Université de Strasbourg
On 8 April 2026, Alumni Université de Strasbourg — the alumni network of the University of Strasbourg (Unistra) — was caught up in a large-scale breach of AlumnForce, the third-party SaaS platform used to manage alumni communities across French higher education. The compromise of the shared platform exposed the personal and professional profiles of the university's registered alumni, who were notified directly by the institution.
This was a supply-chain incident: the data was not stolen from Unistra's own systems but from the externally hosted AlumnForce platform. The attack reportedly affected roughly 2.7 million profiles across 49 institutions nationwide, with the University of Strasbourg among the confirmed victims. Coverage attributes the intrusion to an attack on the AlumnForce platform, with targeted phishing flagged as the principal downstream risk for affected alumni.
Exposed data categories for affected members included:
- First and last name, email address, phone number
- Postal code and city of residence
- Current job title and employer
- Career aspirations (target sectors, desired salary, locations, role, experience level)
- Professional experience history (dates, job title, company, city)
- Education path within the network (degrees obtained and year) and skills
According to the notice sent to its members, the University of Strasbourg said there was no evidence at that stage of fraudulent use of the data, and indicated it had referred the matter to the competent authorities (including France's data-protection regulator, the CNIL) in line with its legal obligations. Members were advised to change passwords, enable two-factor authentication and remain vigilant against phishing messages crafted from the leaked details.
Sources
- strasinfo.frhttps://strasinfo.fr/2026/04/12/fuite-de-donnees-des-milliers-danciens-de-lunistra-exposes/
- frenchbreaches.comhttps://frenchbreaches.com/alertes/universit-de-strasbourg-alumni--mnq2mage820xavrhyy
- le-droit.frhttps://www.le-droit.fr/blog/fuite-donnees-alumnforce-avril-2026