Leak at Chronopost
Chronopost, the French express parcel carrier, confirmed in February 2025 that an intrusion detected on 29 January 2025 exposed personal data of around 210,000 customers, including names, postal addresses, phone numbers and delivery signatures.
- Victim
- Chronopost
- records
- 210.0K
On 12 February 2025, Chronopost — the express parcel-delivery subsidiary of France's La Poste group — publicly confirmed a data breach after an intrusion was detected on 29 January 2025, one day after the data was reportedly exfiltrated. The company described it as "an incident leading to the theft of personal data of certain customers."
The breach exposed personal data for roughly 210,000 customers. Chronopost did not detail the technical entry point, but the stolen records were advertised on hacking forums by an attacker operating under the aliases "akldvg"/"arkeliaad," who claimed a far larger trove of up to 7 million records — a figure the company did not corroborate.
Exposed data categories included:
- First and last names (present in nearly all records)
- Postal addresses
- Phone numbers
- Customer signatures as captured on proof-of-delivery documents
Chronopost said the incident was contained upon discovery and "now closed." It reinforced the security of the affected application, engaged cybersecurity experts, notified France's data-protection authority (CNIL) within the required timeframe, and alerted affected customers, urging them to stay vigilant against phishing and spam attempts that could exploit the leaked details.
Sources
- next.inkhttps://next.ink/170278/chronopost-confirme-un-incident-ayant-conduit-a-un-vol-dune-partie-des-donnees-personnelles/
- usine-digitale.frhttps://www.usine-digitale.fr/article/cybersecurite-chronopost-victime-d-une-fuite-de-donnees-des-signatures-de-clients-exposees.N2227405
- datasecuritybreach.frhttps://www.datasecuritybreach.fr/cyberattaque-chronopost/