Data leak at Dream Up (LAPSUS$) across multiple sites
In early January 2026, the LAPSUS$ group publicly leaked around 40 GB of data extracted from 54 client SQL databases managed by French web agency Dream Up (dream-me-up.fr), exposing customer and contact information from the e-commerce and showcase sites it hosts.
- Victim
- Dream Up (LAPSUS$) 40GB multi sites
On 4 January 2026, Dream Up β a French web agency (dream-me-up.fr) that builds and hosts client websites β was named as the source of a large data leak claimed by the LAPSUS$ group. The attackers exfiltrated roughly 40 GB of files drawn from 54 of the agency's client SQL databases and, rather than demanding a ransom, distributed the stolen data publicly and for free.
The compromise is attributed to insecure shared database hosting via phpMyAdmin, through which the attackers were able to reach the credentials and contents of multiple client databases at once. The affected sites were largely small and medium e-commerce and showcase projects, many built on WordPress and PrestaShop.
Exposed data covered the customers and business contacts of the hosted sites, including:
- Customer names and contact details
- Account and order-related information from e-commerce stores
- Business and contact data from showcase sites
Because the dataset was released openly rather than held for extortion, affected customers face an elevated risk of phishing and identity theft. The incident remains ongoing as the leaked databases circulate publicly; recommended responses include resetting passwords, auditing CMS versions, and migrating off shared phpMyAdmin infrastructure to isolated hosting.
Sources
- fuitesinfos.frhttps://fuitesinfos.fr/article/2026-01-04-dream-up-lapsus-40go-multi-sites
- greenhoster.frhttps://greenhoster.fr/fr/news/piratage-lapsus-54-sites-francais-et-40-go-de-donnees-voles