Aréli: some of its partners exposed after a cyberattack
Aréli, a Lille-based social-housing association, disclosed via a letter to partner organizations that a 12 January 2026 cyberattack exposed partner contact details and bank account information (RIB), affecting less than 2% of the data held on its servers.
- Victim
- Aréli
On 12 January 2026, Aréli — a Lille-based non-profit association providing supported and social housing for migrant workers, young workers and vulnerable people across the Hauts-de-France region — was hit by a cyberattack that compromised data belonging to its partner organizations. The breach was disclosed several weeks later through a letter sent to the affected partner structures.
According to Aréli, the incident affected less than 2% of the data stored across all of its servers. The exposed information concerned partner companies and organizations rather than residents, and included personal and financial details.
Data exposed included:
- First and last names of contacts
- Email addresses
- Phone numbers
- Bank account details (RIB)
Because banking information was involved, Aréli warned partners to remain vigilant against fraudulent payment requests, fraudulent RIB changes and phishing attempts. The association filed a criminal complaint on the day of the attack, reinforced its cybersecurity measures and stepped up staff awareness training. Investigations with the competent authorities were ongoing at the time of disclosure.
Sources
- cyberattaque.orghttps://www.cyberattaque.org/areli-certains-de-ses-partenaires-exposees-apres-une-cyberattaque/