Skip to content
Supply chainOngoing

Leak at ENSAI Network (via AlumnForce)

ENSAI Network alumni data was exposed in the April 2026 breach of its platform provider AlumnForce, which leaked some 2.7 million student and graduate profiles from 49 French institutions — including names, emails, phone numbers, locations, career history and education details — now offered for sale on cybercrime forums.

Victim
ENSAI Network

On 10 April 2026, ENSAI Network — the alumni community of France's École Nationale de la Statistique et de l'Analyse de l'Information (ENSAI) — was named among the institutions caught up in a large-scale breach of AlumnForce, the third-party platform that powers its online alumni network. The exposure did not stem from ENSAI's own systems but from a compromise of its software provider, making this a supply-chain incident.

In early April 2026, a threat actor advertised for sale a database of roughly 2.7 million student and graduate profiles drawn from 49 French universities and grandes écoles that use AlumnForce, with records spanning decades of graduating classes. The dataset was reported to contain more than 1.83 million unique email addresses and over 651,000 phone numbers. ENSAI Network appears among the affected alumni networks.

Exposed data categories include:

  • First and last name
  • Email address and phone number
  • Postal code and city
  • Current job title and employer
  • Career aspirations and desired salary range
  • Professional experience and path within the alumni network
  • Degree obtained and graduation year
  • Skills

As of disclosure, the compromised database was being offered for sale on cybercriminal forums and several affected institutions had confirmed the leak, so the incident is treated as ongoing. Alumni listed on AlumnForce-powered networks are advised to be alert to targeted phishing and identity-fraud attempts using the leaked contact and career details.

Sources

  1. cyberattaque.orghttps://www.cyberattaque.org/alumnforce-2-7-millions-etudiants-exposes/
  2. dailydarkweb.nethttps://dailydarkweb.net/alumnforce-data-breach-exposes-2-7-million-user-records/
  3. insidehighered.comhttps://www.insidehighered.com/news/tech-innovation/administrative-tech/2026/05/05/pay-or-leak-hackers-target-big-higher-ed-vendor
  4. network.ensai.frhttps://network.ensai.fr/fr/

Related incidents

Supply chainOngoing

Leak at IAE Grenoble (via AlumnForce)

In April 2026, alumni of IAE Grenoble were exposed in a breach of AlumnForce, the third-party platform managing its alumni network; the stolen dataset spanned ~2.7M profiles across 49 French institutions and included names, contact details and full professional/education histories.

Victim
IAE Grenoble
Supply chainOngoing

Leak at Lilagora (via AlumnForce)

In April 2026, Lilagora — the University of Lille's alumni network — saw its members' data exposed in a breach of its third-party platform provider AlumnForce, part of a wider incident affecting 2.7 million profiles across 49 French institutions, with names, contact details and professional histories leaked.

Victim
Lilagora