Skip to content
Data breachContained

CalendrIDEL: data of 1,400 self-employed nurses publicly disclosed

On 11 May 2026, a dataset attributed to CalendrIDEL, a French scheduling platform for self-employed nurses, was posted on a cybercrime forum, exposing the email addresses, mobile numbers, postal codes and profile names of roughly 1,400 nurses.

Victim
CalendrIDEL
records
1.4K

On 11 May 2026, CalendrIDEL — a French website and mobile application that helps self-employed nurses (infirmiers libéraux) manage their schedules, replacement contracts and patient care files — saw a dataset attributed to its users published on a cybercrime forum. The leak concerned roughly 1,400 nurse profiles.

The threat actor shared the data publicly on the forum, framing it as records belonging to French nursing professionals registered on the platform. The exact intrusion method was not disclosed in public reporting; the incident is treated as a data breach based on the leaked dataset rather than a confirmed attack vector.

The exposed data included:

  • Email addresses
  • Mobile phone numbers
  • Postal codes
  • Profile names / pseudonyms

While the dataset did not include highly sensitive medical or financial fields, the combination of professional contact details makes the affected nurses a credible target for tailored phishing, smishing and voice-phishing scams impersonating health organisations, recruiters or administrative bodies.

CalendrIDEL acknowledged the issue, publishing an official security statement on its community forum on 14 May 2026 and advising members to stay vigilant against suspicious messages or requests for administrative access. The incident appeared as part of a broader wave of disclosures targeting the French healthcare sector in May 2026.

Sources

  1. cyberattaque.orghttps://www.cyberattaque.org/calendridel-les-donnees-de-1-400-infirmiers-liberaux-diffusees-publiquement/
  2. calendridel.frhttps://www.calendridel.fr/forum/topic-2475/

Related incidents