Skip to content
Data breachContained

Data leak at Enercoop after account compromise

On 11 May 2026, French renewable-energy cooperative Enercoop suffered a security incident in which email addresses tied to customer, prospect and member accounts were compromised and abused to send fraudulent phishing messages impersonating its customer service.

Victim
Enercoop

On 11 May 2026, Enercoop — a French cooperative supplier of 100% renewable electricity — identified a security incident in which one of its systems was compromised and abused to send fraudulent messages impersonating its customer service.

According to Enercoop's official incident notice, the compromise exposed email addresses associated with customer, prospect and member accounts. At this stage the company confirms only the exposure of certain email addresses; investigations are continuing to determine the precise scope of the accounts and data affected. The primary risk identified is phishing: recipients receiving fraudulent messages that pretend to come from Enercoop.

Exposed data confirmed to date:

  • Email addresses linked to customer, prospect and member accounts

Enercoop's technical and security teams say they immediately took steps to contain the incident and secure the affected systems. All individuals who received the fraudulent messages were notified by email (update of 12 May 2026), and the company notified France's data-protection regulator, the CNIL, within the deadline required by the GDPR. Enercoop has urged recipients to be wary of any message impersonating its customer service.

Sources

  1. fuitesinfos.frhttps://fuitesinfos.fr/article/2026-05-12-enercoop
  2. faq.enercoop.frhttps://www.faq.enercoop.fr/hc/fr/articles/35519628613266-Information-incident-de-s%C3%A9curit%C3%A9-11-mai-2026
  3. frenchbreaches.comhttps://frenchbreaches.com/alertes/enercoop-mp483a8bqjhyqqnz5v8

Related incidents

Data breachOngoing

Leak at ENI

In December 2025, the French operations of Italian energy group ENI suffered a data breach claimed by the Lapsus$ group, exposing professional contact details for tens of thousands of business customers; ENI confirmed the incident and notified the CNIL.

Victim
ENI
Data breachUnknown

Leak at EDF DPIH

On 28 February 2025, a threat actor claimed to have stolen a database from EDF's hydraulic generation division (DPIH), exposing power-plant intervention and maintenance plans, security inspection results and maintenance staff IDs; EDF and researchers disputed the actor's nuclear claims.

Victim
EDF DPIH
Data breachContained

Leak at E.Leclerc

In January 2025, E.Leclerc's Prime énergie (energy-rebate) platform was hit by fraudulent account access, exposing customers' names, email addresses, login credentials, file numbers, rebate amounts and service descriptions; the breach was disclosed to affected users on 24 January 2025.

Victim
E.Leclerc