Skip to content
Data breachContained

Force Ouvrière (FO): more than 160,000 profiles exposed in a data leak

On 1 April 2026, French labour union Force Ouvrière (FO) was hit by a data breach claimed by an actor known as HexDex, who put up for sale a database of 161,343 member profiles including over 161,000 email addresses, 130,000 postal addresses and nearly 100,000 phone numbers.

Victim
Force Ouvrière (FO)
records
161.3K
SectorOther

On 1 April 2026, Force Ouvrière (FO) — one of France's largest trade union confederations — confirmed it had suffered a data breach after a single member file was compromised and offered for sale on cybercrime forums.

According to reporting, an attacker using the alias HexDex claimed the breach on 1 April and published a sample of internal data as proof before listing the full database for sale. The intrusion is attributed to human error: an employee opened a fraudulent email, giving the attacker the initial access needed to exfiltrate the file.

The database is said to contain 161,343 member profiles. Exposed data categories include:

  • 161,501 email addresses
  • 130,328 postal addresses
  • 99,728 phone numbers
  • Internal membership profile information

The breach is particularly sensitive because the records are tied to trade union membership, which can be exploited for targeted phishing, intimidation or political and personal pressure. FO filed a police report and notified the competent authorities. The incident follows the earlier compromise of the CFDT union, which exposed more than 1.4 million members, underscoring a pattern of French unions being targeted.

Sources

  1. cyberattaque.orghttps://www.cyberattaque.org/fo-plus-de-160-000-profils-exposes-dans-une-fuite-de-donnees/
  2. fuitesinfos.frhttps://fuitesinfos.fr/article/2026-04-01-force-ouvriere-2
  3. frenchbreaches.comhttps://frenchbreaches.com/blog/fuite-de-donnees-chez-force-ouvriere-plus-de-161-000-membres-exposes

Related incidents

Data breachOngoing

Leak at La France Insoumise

In May 2026, France's La France Insoumise party had data from its Action Populaire activist platform stolen and posted on a hacking forum, exposing some 120,000 email addresses, 20,000 phone numbers, postal addresses and member activity spanning 2017-2026.

Victim
La France Insoumise