Skip to content
Data breachContained

Leak at Grenoble School of Management

On 29 December 2025, an actor calling themselves CZX leaked a 1.35 GB database of more than 400,000 Grenoble École de Management students, alumni and prospects on BreachForums, exposing names, contact details and academic records.

Victim
Grenoble School of Management

On 29 December 2025, Grenoble École de Management (GEM) — a leading French business school based in Grenoble — was named on the cybercrime marketplace BreachForums after a threat actor using the alias "CZX" published a database attributed to the institution. The actor claimed to have infiltrated GEM's systems in November 2025 and offered a 1.35 GB archive said to contain records on more than 400,000 individuals from the school's wider community.

The leaked data appears to originate from a CRM or marketing system holding student, alumni, applicant and prospect records. GEM stated that the exposure was limited to identification and contact information and confirmed that no passwords or banking data were compromised. The breach was part of a broader wave of attacks against French higher-education institutions over the December holiday period, which also hit the University of Lille.

Exposed data categories reportedly included:

  • First and last names
  • Email addresses and phone numbers
  • Postal addresses
  • Employer and job title / professional information
  • Academic records and event-participation data
  • Subscription preferences and IP addresses

GEM published a public statement acknowledging the circulating data and notified the French authorities, the CNIL (data protection regulator) and ANSSI (national cybersecurity agency). The school urged affected individuals to stay alert to phishing and fraud attempts impersonating GEM or its partners. The incident appears contained, with no sensitive credentials or financial data reported as exposed.

Sources

  1. grenoble-em.comhttps://www.grenoble-em.com/actualites/information-relative-a-la-securite-de-vos-donnees
  2. it-connect.frhttps://www.it-connect.fr/cyberattaques-luniversite-de-lille-et-grenoble-ecole-de-management-victimes-dune-fuite-de-donnees/
  3. cyberveille.chhttps://cyberveille.ch/posts/2026-01-04-fuites-de-donnees-gem-et-universite-de-lille-listees-sur-breachforums/
  4. grenoble-em.comhttps://www.grenoble-em.com/en/news/information-regarding-the-security-of-your-data

Related incidents

Data breachOngoing

Data leak at Université de Lille

On 29 December 2025, a record of 7,244 Université de Lille students — reportedly from an IUT Informatique internship database — was posted on BreachForums by an actor using the LAPSUS$ name, exposing names, dates of birth, postal addresses, emails and phone numbers.

Victim
Université de Lille
Records
7.2K
Data breachOngoing

Leak at Allegro Musique

On 28 December 2025, a database of 161,412 members of French at-home music-lesson provider Allegro Musique was leaked, exposing names, postal addresses, emails, phone numbers, social security numbers and registration details.

Victim
Allegro Musique
Records
161.4K