508,276 Coriolis Télécom customers affected by a data leak
French mobile and internet operator Coriolis Télécom was hit by a data leak in which a hacker put a 356 MB database of 508,276 customer records — including names, postal and email addresses, dates of birth, IBAN/BIC bank details and business SIRET numbers — up for sale on a dark-web marketplace.
- Victim
- Coriolis Télécom
- records
- 508.3K
On 25 January 2026, Coriolis Télécom — a French mobile and fixed-internet operator — was reported to be the victim of a large customer-data leak after a threat actor advertised its subscriber database for sale on an underground marketplace.
According to reporting by ZATAZ, the attacker offered a 356 MB JSON database said to contain 508,276 customer records, and published a sample of roughly 100 entries to establish credibility with prospective buyers. The data appears to have been extracted from internal customer systems rather than through a destructive intrusion.
The exposed records reportedly included:
- Full names and civility (title)
- Postal addresses and postal codes
- Email addresses
- Dates of birth
- IBAN and BIC bank-account details (with a "SEPA" mandate field)
- SIRET company-registration numbers for business subscribers
The combination of identity, contact and banking details makes the dataset especially valuable for phishing, SEPA-direct-debit fraud and identity theft. At the time of reporting, Coriolis Télécom had not publicly confirmed the breach, and its scope and remediation status remain unverified.
Sources
- fuitesinfos.frhttps://fuitesinfos.fr/article/2026-01-25-coriolis-telecom
- zataz.comhttps://www.zataz.com/coriolis-telecom-500-000-fiches-clients-exposees-par-un-pirate-avec-iban/
- frenchbreaches.comhttps://frenchbreaches.com/alertes/coriolis-telecom-facc20991ead