Skip to content
Data breachContained

Leak at E.Leclerc

In January 2025, E.Leclerc's Prime énergie (energy-rebate) platform was hit by fraudulent account access, exposing customers' names, email addresses, login credentials, file numbers, rebate amounts and service descriptions; the breach was disclosed to affected users on 24 January 2025.

Victim
E.Leclerc

On 24 January 2025, E.Leclerc — the French retail cooperative — disclosed a data breach affecting its Prime énergie division, the platform that pays out energy-saving rebates (certificats d'économies d'énergie) for electricity, gas and fuel projects. The incident was confined to the energy-rebate service and did not involve the group's main grocery operations.

According to the company, security investigations uncovered fraudulent attempts to access Prime énergie customer accounts. An initial 17 January 2025 email had asked users to update their passwords; a follow-up sent on 24 January confirmed that personal data had been exposed. E.Leclerc disabled the affected accounts, forced password resets and urged customers to change any reused credentials on other services.

Exposed data included:

  • First and last names
  • Email addresses
  • Account login credentials (identifiants d'accès, potentially including passwords or hashed passwords)
  • File / case numbers (numéros de dossier)
  • Rebate amounts (montants de prime)
  • Service descriptions (libellés de prestation)

E.Leclerc notified France's data-protection authority (the CNIL) of the breach. The number of affected customers was not publicly disclosed. The exposed account credentials raised concern about follow-on phishing and credential-stuffing against the victims, prompting the company's advice to reset passwords across services.

Sources

  1. next.inkhttps://next.ink/167199/cyberattaque-contre-e-leclerc-des-donnees-personnelles-ont-pu-etre-exposees/
  2. funinformatique.comhttps://www.funinformatique.com/fuite_de_donnees/e-leclerc-energies/
  3. cyberlego.comhttps://www.cyberlego.com/web/2025/01/27/nouvelle-fuite-de-donnees-en-france-e-leclerc-victime-dune-cyberattaque-changez-vos-mots-de-passe/

Related incidents

Data breachOngoing

Leak at ENI

In December 2025, the French operations of Italian energy group ENI suffered a data breach claimed by the Lapsus$ group, exposing professional contact details for tens of thousands of business customers; ENI confirmed the incident and notified the CNIL.

Victim
ENI
Data breachUnknown

Leak at EDF DPIH

On 28 February 2025, a threat actor claimed to have stolen a database from EDF's hydraulic generation division (DPIH), exposing power-plant intervention and maintenance plans, security inspection results and maintenance staff IDs; EDF and researchers disputed the actor's nuclear claims.

Victim
EDF DPIH