Leak at E.Leclerc
In January 2025, E.Leclerc's Prime énergie (energy-rebate) platform was hit by fraudulent account access, exposing customers' names, email addresses, login credentials, file numbers, rebate amounts and service descriptions; the breach was disclosed to affected users on 24 January 2025.
- Victim
- E.Leclerc
On 24 January 2025, E.Leclerc — the French retail cooperative — disclosed a data breach affecting its Prime énergie division, the platform that pays out energy-saving rebates (certificats d'économies d'énergie) for electricity, gas and fuel projects. The incident was confined to the energy-rebate service and did not involve the group's main grocery operations.
According to the company, security investigations uncovered fraudulent attempts to access Prime énergie customer accounts. An initial 17 January 2025 email had asked users to update their passwords; a follow-up sent on 24 January confirmed that personal data had been exposed. E.Leclerc disabled the affected accounts, forced password resets and urged customers to change any reused credentials on other services.
Exposed data included:
- First and last names
- Email addresses
- Account login credentials (identifiants d'accès, potentially including passwords or hashed passwords)
- File / case numbers (numéros de dossier)
- Rebate amounts (montants de prime)
- Service descriptions (libellés de prestation)
E.Leclerc notified France's data-protection authority (the CNIL) of the breach. The number of affected customers was not publicly disclosed. The exposed account credentials raised concern about follow-on phishing and credential-stuffing against the victims, prompting the company's advice to reset passwords across services.
Sources
- next.inkhttps://next.ink/167199/cyberattaque-contre-e-leclerc-des-donnees-personnelles-ont-pu-etre-exposees/
- funinformatique.comhttps://www.funinformatique.com/fuite_de_donnees/e-leclerc-energies/
- cyberlego.comhttps://www.cyberlego.com/web/2025/01/27/nouvelle-fuite-de-donnees-en-france-e-leclerc-victime-dune-cyberattaque-changez-vos-mots-de-passe/