Catholic education: a cyberattack exposes 1.5 million pieces of data
In March 2026, France's General Secretariat of Catholic Education (SGEC) disclosed a cyberattack on an administrative application that exposed the personal data of around 1.5 million students, families and teachers, including names, dates of birth, postal addresses, emails and phone numbers.
- Victim
- Catholic education
- records
- 1.5M
On 22 March 2026, the General Secretariat of Catholic Education (Secrétariat général de l'enseignement catholique, SGEC) — the body coordinating France's network of Catholic schools — disclosed a major cyberattack that exposed the personal data of roughly 1.5 million people.
The breach stemmed from the compromise of an administrative management application used by first-degree (primary) Catholic schools. Initial access is believed to have come through a compromised account or a vulnerability, followed by mass extraction of records from the centralized system. Around 800,000 students, their families and some 40,000 teachers were affected.
The exposed data was administrative in nature and reportedly included:
- Full names
- Dates of birth
- Postal addresses
- Email addresses
- Telephone numbers
No banking or financial data was reported to be affected. The SGEC suspended the affected services, secured access, notified the Ministry of Education and filed a report with France's data-protection regulator (CNIL), while cybersecurity experts were engaged to determine the exact origin and full scope of the compromise. Families and staff were urged to stay alert to phishing and identity-theft attempts using the leaked information.
Sources
- cyberattaque.orghttps://www.cyberattaque.org/enseignement-catholique-une-cyberattaque-expose-15-million-de-donnees/
- cafepedagogique.nethttps://www.cafepedagogique.net/2026/03/23/cyberattaque-dans-lenseignement-catholique-15-million-de-donnees-exposees/
- usine-digitale.frhttps://www.usine-digitale.fr/cybersecurite/lenseignement-catholique-frappe-par-une-cyberattaque-dampleur-exposant-les-donnees-personnelles-de-15-million-de-personnes.DSYEC46JC5DNLEI7YWWS7YNZIE.html