Skip to content
Data breachContained

Leak at Autosur & Diagnosur

In March 2025, French vehicle-inspection network Autosur (Diagnosur brand) disclosed a breach exposing data on roughly 10.7 million customers — names, postal and email addresses, phone numbers, and detailed vehicle records including registration plates and VINs — later offered for sale online.

Victim
Autosur & Diagnosur

On 24 March 2025, Autosur — one of France's largest vehicle technical-inspection networks, which also operates under the Diagnosur brand — disclosed a major data breach. The company detected unauthorized access to customer data around 16 March 2025 and began notifying affected users by email on 28 March, after a threat actor advertised the stolen database on the BreachForums cybercrime forum.

The leak exposed personal and vehicle information for roughly 10.7 million customers, spread across more than 12 million rows of data (about 487,000 unique email addresses). Beyond identity details, the dataset included clear-text technical records on customers' vehicles, making it valuable for identity theft, phishing, and automotive fraud.

Exposed data categories included:

  • Full names (first and last)
  • Postal addresses
  • Email addresses
  • Phone numbers
  • Vehicle details: registration plates, VINs, make, model, and prior inspection results
  • Hashed passwords

The attacker offered the database for sale for roughly $5,000–$7,500 in Monero (XMR). Autosur published a public notice on the incident and filed a criminal complaint; French authorities, including ANSSI, were involved in the investigation. The breach was later catalogued by Have I Been Pwned in December 2025.

Sources

  1. autosur.frhttps://www.autosur.fr/information-fuite-de-donnees/
  2. zataz.comhttps://www.zataz.com/fuite-massive-de-donnees-chez-autosur-plus-de-12-millions-de-dossiers-exposes/
  3. largus.frhttps://www.largus.fr/actualite-automobile/cyberattaque-chez-autosur-une-fuite-de-donnees-d-ampleur-touche-les-clients-du-controle-technique-30039603.html
  4. haveibeenpwned.comhttps://haveibeenpwned.com/Breach/AUTOSUR

Related incidents

Data breachContained

Leak at Mondial Relay

In December 2025, French parcel-delivery firm Mondial Relay disclosed a cyberattack in which attackers accessed customer and shipment data — names, emails, postal addresses, phone numbers and parcel-tracking details; a dark-web actor claimed roughly 25.7 million records.

Victim
Mondial Relay
Data breachContained

Leak at Chronopost

In December 2025, a 680 MB dataset on ~860,000 Chronopost customers — names, emails and parcel details scraped from the La Poste Pickup relay-point network — was published on BreachForums; the data covered shipments from spring 2025.

Victim
Chronopost
Records
860.0K
Data breachContained

Leak at Colis Privé

In November 2025, French parcel-delivery firm Colis Privé disclosed unauthorized access to part of its systems that exposed customer contact data — names, postal and email addresses and phone numbers. A threat actor advertised a dataset reportedly running to tens of millions of rows; no passwords or banking data were affected.

Victim
Colis Privé
Data breachContained

Leak at Digital Charging Solutions

In September 2025, EV-charging billing provider Digital Charging Solutions disclosed that a contracted third-party service provider had accessed customer records without authorization, exposing names and email addresses of an initial single-digit number of affected users.

Victim
Digital Charging Solutions