Skip to content
Data breachContained

Leak at Chronopost

In December 2025, a 680 MB dataset on ~860,000 Chronopost customers — names, emails and parcel details scraped from the La Poste Pickup relay-point network — was published on BreachForums; the data covered shipments from spring 2025.

Victim
Chronopost
records
860.0K

On 20 December 2025, Chronopost — the express-parcel subsidiary of France's La Poste group — was hit by the public disclosure of a large customer dataset on the BreachForums cybercrime forum. A threat actor published a 680 MB JSON file said to contain the personal data of roughly 860,000 people, claiming the records had never circulated before and came directly from their own extraction.

The attacker said the data was harvested by scraping Chronopost's "Pickup" relay-point systems — the network used to deliver and collect parcels at local drop-off points — rather than through a direct intrusion into back-end servers. This points to insufficiently protected web interfaces or APIs that allowed mass automated collection of shipment and recipient information. The exposed records covered shipments handled between roughly 25 February and 10 April 2025.

Exposed data categories included:

  • First and last names
  • Email addresses
  • Parcel tracking/reference numbers
  • Parcel details (dimensions, barcodes)
  • Pickup point names and locations

Chronopost confirmed the incident and linked it to a vulnerability it had identified and "actively addressed" in spring 2025, in line with applicable regulations. While the underlying flaw was said to have been remediated at the time, the December 2025 mass publication renewed the exposure for affected customers, who face a heightened risk of highly credible phishing and SMS-based (smishing) scams. This event is distinct from the separate January 2025 Chronopost breach that affected around 210,000 customers.

Sources

  1. generation-nt.comhttps://www.generation-nt.com/actualites/chronopost-fuite-donnees-pickup-piratage-colis-2068262
  2. kulturegeek.frhttps://kulturegeek.fr/news-344103/chronopost-pirate-donnees-860-000-francais-fuite
  3. zataz.comhttps://www.zataz.com/chronopost-plus-de-trois-millions-de-donnees-personnelles-en-fuite/

Related incidents

Data breachContained

Leak at Chronopost

Chronopost, the French express parcel carrier, confirmed in February 2025 that an intrusion detected on 29 January 2025 exposed personal data of around 210,000 customers, including names, postal addresses, phone numbers and delivery signatures.

Victim
Chronopost
Records
210.0K
Data breachContained

Leak at Mondial Relay

In December 2025, French parcel-delivery firm Mondial Relay disclosed a cyberattack in which attackers accessed customer and shipment data — names, emails, postal addresses, phone numbers and parcel-tracking details; a dark-web actor claimed roughly 25.7 million records.

Victim
Mondial Relay
Data breachContained

Leak at Colis Privé

In November 2025, French parcel-delivery firm Colis Privé disclosed unauthorized access to part of its systems that exposed customer contact data — names, postal and email addresses and phone numbers. A threat actor advertised a dataset reportedly running to tens of millions of rows; no passwords or banking data were affected.

Victim
Colis Privé
Data breachContained

Leak at Digital Charging Solutions

In September 2025, EV-charging billing provider Digital Charging Solutions disclosed that a contracted third-party service provider had accessed customer records without authorization, exposing names and email addresses of an initial single-digit number of affected users.

Victim
Digital Charging Solutions