Skip to content
Data breachContained

Leak at Chronopost

Chronopost, the French express parcel carrier, confirmed in February 2025 that an intrusion detected on 29 January 2025 exposed personal data of around 210,000 customers, including names, postal addresses, phone numbers and delivery signatures.

Victim
Chronopost
records
210.0K

On 12 February 2025, Chronopost — the express parcel-delivery subsidiary of France's La Poste group — publicly confirmed a data breach after an intrusion was detected on 29 January 2025, one day after the data was reportedly exfiltrated. The company described it as "an incident leading to the theft of personal data of certain customers."

The breach exposed personal data for roughly 210,000 customers. Chronopost did not detail the technical entry point, but the stolen records were advertised on hacking forums by an attacker operating under the aliases "akldvg"/"arkeliaad," who claimed a far larger trove of up to 7 million records — a figure the company did not corroborate.

Exposed data categories included:

  • First and last names (present in nearly all records)
  • Postal addresses
  • Phone numbers
  • Customer signatures as captured on proof-of-delivery documents

Chronopost said the incident was contained upon discovery and "now closed." It reinforced the security of the affected application, engaged cybersecurity experts, notified France's data-protection authority (CNIL) within the required timeframe, and alerted affected customers, urging them to stay vigilant against phishing and spam attempts that could exploit the leaked details.

Sources

  1. next.inkhttps://next.ink/170278/chronopost-confirme-un-incident-ayant-conduit-a-un-vol-dune-partie-des-donnees-personnelles/
  2. usine-digitale.frhttps://www.usine-digitale.fr/article/cybersecurite-chronopost-victime-d-une-fuite-de-donnees-des-signatures-de-clients-exposees.N2227405
  3. datasecuritybreach.frhttps://www.datasecuritybreach.fr/cyberattaque-chronopost/

Related incidents

Data breachContained

Leak at Chronopost

In December 2025, a 680 MB dataset on ~860,000 Chronopost customers — names, emails and parcel details scraped from the La Poste Pickup relay-point network — was published on BreachForums; the data covered shipments from spring 2025.

Victim
Chronopost
Records
860.0K
Data breachContained

Leak at Mondial Relay

In December 2025, French parcel-delivery firm Mondial Relay disclosed a cyberattack in which attackers accessed customer and shipment data — names, emails, postal addresses, phone numbers and parcel-tracking details; a dark-web actor claimed roughly 25.7 million records.

Victim
Mondial Relay
Data breachContained

Leak at Colis Privé

In November 2025, French parcel-delivery firm Colis Privé disclosed unauthorized access to part of its systems that exposed customer contact data — names, postal and email addresses and phone numbers. A threat actor advertised a dataset reportedly running to tens of millions of rows; no passwords or banking data were affected.

Victim
Colis Privé
Data breachContained

Leak at Digital Charging Solutions

In September 2025, EV-charging billing provider Digital Charging Solutions disclosed that a contracted third-party service provider had accessed customer records without authorization, exposing names and email addresses of an initial single-digit number of affected users.

Victim
Digital Charging Solutions