Leak at Electro Dépôt
Customer data attributed to French electronics retailer Electro Dépôt surfaced as one of at least 17 French breaches consolidated on an open database, exposing names, contact details, IP addresses and partial payment data.
- Victim
- Electro Dépôt
On 20 December 2024, Electro Dépôt — a French big-box electronics and home-appliance retailer — was named among the victims of a large compilation of leaked French consumer data. Customer records attributed to the company appeared as one component of a much larger cluster aggregating data from multiple separate breaches.
The data was uncovered by researchers who found an unsecured, misconfigured Elasticsearch server left open online by an unknown actor who appeared to be hoarding personal information harvested from French data breaches. The Electro Dépôt records formed one of at least 17 distinct breach sets in that database, alongside data attributed to other French and international brands such as Darty, Go-Sport, Intersport, LDLC, SFR and Sport 2000.
Across the affected sets, the exposed fields commonly included:
- Full names
- Email addresses
- Phone numbers
- Postal addresses
- IP addresses
- Partial payment-card information
The consolidated database held more than 95 million records in total — exceeding the population of France — though that figure covers all 17 breaches combined, not Electro Dépôt alone. The exact number of Electro Dépôt customers affected has not been independently confirmed, and the company has not published a specific statement tied to this disclosure. The status of any notification or regulatory follow-up remains unclear.
Sources
- cybernews.comhttps://cybernews.com/security/french-records-exposed-by-mysterious-data-hoarder/
- oodaloop.comhttps://oodaloop.com/briefs/cyber/over-90-million-french-records-exposed-mysterious-data-hoarder-leaves-instances-open/