Skip to content
Data breachContained

Data leak at DCE Conseil and partners (prisons, armed forces, luxury)

French engineering consultancy DCE Conseil suffered a breach after an employee's cloud account was compromised with stolen credentials, exposing roughly 844 GB of sensitive technical files — including plans of prisons, a military base and luxury and corporate clients — later offered for sale on BreachForums.

Victim
DCE Conseil (Various partners: prisons, armed forces, luxury, etc.)

On 5 January 2026, DCE Conseil — a French engineering and technical-design consultancy that works on infrastructure projects for sensitive public and private sites — was confirmed as the source of a large data leak after roughly 844 GB of its files surfaced for sale on the BreachForums cybercrime marketplace.

According to reporting, the intrusion stemmed from the compromise of the cloud account of one of the firm's commercial engineers, most likely through stolen credentials, which gave the attacker access to the company's document repository. The trove was listed by a seller using the alias "AngelBatista," and security researchers who reviewed the samples judged them to appear authentic.

The exposed material was unusually sensitive given DCE Conseil's clientele and included:

  • Technical audits and architectural plans of French prisons (notably Fleury-Mérogis, Argentan and Condé-sur-Sarthe)
  • Defence-related documents, including plans tied to the Général Lejay army-aviation base school
  • Gendarmerie facility schematics
  • Corporate and luxury-sector data referencing clients such as Hermès subsidiaries (Puiforcat, John Lobb, Cristallerie Saint-Louis), as well as Lidl, Sodexo, Dalkia and Veolia

DCE Conseil stated publicly that the incident had been handled and was closed, and that affected parties had been notified. A French gendarmerie investigation was reported to be ongoing, and at least one affected military unit indicated it had not been informed of the leak concerning its site.

Sources

  1. fuitesinfos.frhttps://fuitesinfos.fr/article/2026-01-05-dce-conseil-partenaires-divers-prisons-armees-luxe-etc
  2. cyberveille.chhttps://cyberveille.ch/posts/2026-01-16-fuite-de-844-go-chez-dce-conseil-plans-de-prisons-et-dune-base-militaire-mis-en-vente-sur-breachforums/
  3. solutions-numeriques.comhttps://www.solutions-numeriques.com/des-documents-techniques-sensibles-circulent-apres-une-compromission-de-compte-cloud/
  4. generation-nt.comhttps://www.generation-nt.com/actualites/fuite-donnees-dce-conseil-prisons-base-militaire-cybersecurite-2069196

Related incidents