Skip to content
Data breachContained

Leak at Banque de France

On 23 November 2024, the threat actor Near2tlg advertised data allegedly stolen from France's central bank; the Banque de France denied any compromise of its secure systems, acknowledging only brief unauthorized access to an HR extranet with no sensitive data exposed.

Victim
Banque de France

On 23 November 2024, the Banque de France β€” France's central bank β€” was named in a data-sale post by the cybercriminal actor Near2tlg, who advertised an alleged trove of internal data on a hacker forum and Telegram, asking $50,000 before lowering the price to about $10,000.

To substantiate the claim, the actor released a handful of files for free. These turned out to be job descriptions and routine administrative documents rather than the sensitive material advertised, leading security researchers β€” including ClΓ©ment Domingo β€” to describe the claim as likely a bluff or a heavily exaggerated breach.

In a statement on 25 November 2024, the Banque de France denied any "attack on the secured information system" and said no sensitive personal or financial data had been compromised. It acknowledged only "occasional external access to an HR extranet," which it said it promptly closed.

The data categories Near2tlg claimed to hold (none independently verified) included:

  • Employee identities, positions and salaries
  • Client identities, bank account details and transaction histories
  • Internal strategic documents and financial reports

No record count was substantiated, and the verifiable impact appears limited to the exposure of non-sensitive HR-extranet documents. The incident is considered contained.

Sources

  1. clubic.comhttps://www.clubic.com/actualite-544949-piratage-de-donnees-ce-serait-carrement-au-tour-de-la-banque-de-france-d-avoir-une-fuite.html
  2. incyber.orghttps://incyber.org/article/near2tlg-revendique-un-vol-de-donnees-appartenant-a-la-banque-de-france/
  3. journaldeleconomie.frhttps://www.journaldeleconomie.fr/piratage-a-la-banque-de-france-deni-officiel-et-mysteres-persistants/

Related incidents

Data breachContained

Leak at Direct Assurance

In November 2024, French online insurer Direct Assurance was breached via a compromised employee account, exposing personal data of roughly 15,000 clients and prospects β€” including the IBAN/RIB banking details of about 5,800 of them β€” later offered for sale online.

Victim
Direct Assurance
Records
15.0K
Data breachContained

Leak at Meilleurtaux

In late September 2024, French credit and insurance broker Meilleurtaux disclosed that an external attack on its IT systems had exposed sensitive personal data of customers, including names, contact details, dates of birth, family situation, income and employment status.

Victim
Meilleurtaux
Data breachUnknown

23,685 records: claimed leak at ATOA

A threat actor put a database from ATOA β€” a French real-estate tokenization and fractional-investment fintech β€” up for sale on a dark web forum, exposing roughly 23,685 user and financial records plus 326 full KYC archives containing passports, ID cards and banking details.

Victim
ATOA
Records
23.7K