Skip to content
Data breachUnknown

Leak at France Ventilation

On 12 December 2025, France Ventilation, a French ventilation and air-treatment specialist, disclosed a data breach that exposed customers' payment card details — card number, expiration date and CVV — raising a direct risk of banking fraud.

Victim
France Ventilation

On 12 December 2025, France Ventilation — a French specialist in ventilation and air-treatment systems — disclosed that it had fallen victim to a cyberattack that compromised its customers' banking information.

According to the public alert from cybersecurity researcher Clément Domingo (SaxX), the exposed data included full payment card details, putting affected customers at direct risk of banking fraud. The company acknowledged that customers' banking credentials had been leaked.

Exposed data categories included:

  • Payment card number
  • Card expiration date
  • CVV (card verification value)

The exact attack vector and the number of customers affected were not publicly confirmed. Because the leak contained complete card data (number, expiry and CVV together), affected customers were urged to monitor their accounts and consider having their cards reissued. The status of the company's remediation and any regulatory notification to the CNIL was not disclosed at the time of reporting.

Sources

  1. x.comhttps://x.com/_SaxX_/status/1999499427099136245
  2. fr.linkedin.comhttps://fr.linkedin.com/posts/clementdomingo_cyberalert-france-france-ventilation-activity-7405265540413399040-8KyM

Related incidents

Data breachContained

Data leak at La Quiberonnaise

In early April 2026, the French cannery La Quiberonnaise confirmed that unauthorized access to its systems exposed customer personal data — names, postal addresses, email addresses and phone numbers — with the company notifying affected clients by email and reporting the breach to the CNIL.

Victim
La Quiberonnaise
Data breachContained

Data leak at Volkswagen

A misconfigured Amazon cloud storage system run by Volkswagen software subsidiary Cariad exposed data on about 800,000 EV owners across VW, Audi, Seat and Skoda, including contact details and precise vehicle location data for roughly 466,000 cars.

Victim
Volkswagen
Records
800.0K