Skip to content
Data breachUnknown

52,785 licence holders affected by claimed data leak at FFTwirl

On 6 January 2026 a data leak claimed against the French Twirling Baton Federation (FFTwirl) exposed the personal records of around 52,785 licence holders, volunteers and officials, including names, postal and email addresses, phone numbers, birth dates and club affiliations.

Victim
French Twirling Baton Federation (FFTwirl)
records
52.8K

On 6 January 2026, the French Twirling Baton Federation (FFTwirl) — the national governing body for the baton-twirling sport in France — was named as the victim of a claimed data leak exposing the personal records of its licence holders, volunteers and officials.

The exposure is one of a long series of breaches that struck the French sporting ecosystem from late 2025 into 2026, in which attackers harvested membership databases from dozens of federations to fuel identity theft and credential-stuffing operations. By late January 2026 more than thirty French sports federations had been reported compromised.

According to the claim, roughly 52,785 individuals were affected. The exposed data reportedly included:

  • First and last names
  • Postal addresses
  • Dates of birth
  • Email addresses
  • Phone numbers
  • Nationality, profession and socio-professional category
  • Family situation
  • Club affiliation

The specific intrusion method and the identity of the actor behind the FFTwirl leak were not publicly confirmed, and the status of the incident remains unclear. The breadth of the exposed fields — combining contact details with civil-status information — leaves affected members at heightened risk of phishing and identity fraud.

Sources

  1. fuitesinfos.frhttps://fuitesinfos.fr/article/2026-01-06-federation-francaise-de-twirling-baton-fftwirl
  2. idprotect.frhttps://idprotect.fr/cyberattaques-serie-noire-sport-francais-2026/
  3. patrickbayeux.comhttps://patrickbayeux.com/actualites/cyberattaques-en-serie-piratage-des-donnees-des-federations-le-sport-francais-face-a-la-vulnerabilite-numerique/

Related incidents

Data breachOngoing

Leak at La France Insoumise

In May 2026, France's La France Insoumise party had data from its Action Populaire activist platform stolen and posted on a hacking forum, exposing some 120,000 email addresses, 20,000 phone numbers, postal addresses and member activity spanning 2017-2026.

Victim
La France Insoumise