Skip to content
Credential stuffingContained

Leak at Caisse des dépôts et des consignations

In February 2025, France's Caisse des dépôts disclosed that attackers used stolen login credentials to access the Ircantec pension platform and steal the personal data of about 70,000 public-sector contract workers, hospital practitioners and roughly 1,000 local elected officials.

Victim
Caisse des dépôts et des consignations
records
70.0K

On 12 February 2025, the Caisse des dépôts et des consignations — the French state-owned financial institution that manages public pension and savings schemes — disclosed a data breach affecting the Ircantec supplementary retirement fund it operates on behalf of public employers. Attackers used fraudulently obtained login credentials to access the Ircantec management platform and exfiltrate the personal data of roughly 70,000 affiliates.

Those affected were largely contract workers across the state, territorial and hospital public services, along with hospital practitioners and about 1,000 local elected officials affiliated with the scheme. The intrusion relied on stolen account credentials rather than any modification of the underlying records.

The exposed data included:

  • First and last names
  • Dates and places of birth
  • Social security numbers
  • Postal addresses

According to the Caisse des dépôts, banking details and telephone numbers were not affected and no records were altered. In response, the institution blocked the compromised access, tightened account-creation controls, alerted partner organisations to watch for abnormal activity, notified all affected individuals, reported the breach to the data-protection regulator CNIL, and filed a criminal complaint.

Sources

  1. francetvinfo.frhttps://www.francetvinfo.fr/internet/securite-sur-internet/cyberattaques/vols-de-donnees-personnelles-a-la-caisse-des-depots-70-000-personnes-concernees-dont-1-000-elus_7070919.html
  2. usine-digitale.frhttps://www.usine-digitale.fr/article/une-cyberattaque-vise-la-caisse-des-depots-les-donnees-de-70-000-personnes-subtilisees.N2227416
  3. clubic.comhttps://www.clubic.com/actualite-553638-piratage-de-la-caisse-des-depots-les-donnees-de-70000-fonctionnaires-et-elus-dans-la-nature.html

Related incidents

Credential stuffingOngoing

Leak at France Travail

In late October 2025, France Travail — France's public employment agency — disclosed a breach in which attackers used credentials harvested by infostealer malware to access job-seeker accounts and exfiltrate sensitive personal, identity and financial data; about 16,479 affected records were catalogued.

Victim
France Travail
Credential stuffingContained

Leak at Kiabi

In January 2025, French clothing retailer Kiabi disclosed a credential-stuffing attack on its secondhand site (secondemain.kiabi.com) that exposed the names, dates of birth, contact details and IBANs of about 20,000 customers.

Victim
Kiabi
Records
20.0K