Skip to content
Data breachUnknown

Gold Union: more than 120,000 gold buyers exposed with ID documents and transactions

In April 2026, French precious-metals dealer Gold Union suffered a data breach exposing records on more than 126,000 customers (2023-2026), including identities, addresses, transaction histories, IBANs and around 6,000 ID-card copies.

Victim
Gold Union
records
126.0K

On 2 April 2026, Gold Union β€” a major French dealer in the buying and selling of gold and silver to private individuals, operating around 100 agencies nationwide β€” was reported to have suffered a critical data breach exposing the personal and financial records of more than 126,000 customers, with data spanning 2023 to 2026.

Because French anti-money-laundering rules require precious-metals dealers to verify and record the identity of sellers, the exposed database was unusually sensitive. It included roughly 6,000 copies of national ID cards (both sides), alongside full identities, postal addresses, contact details and detailed transaction records.

Exposed data categories reportedly included:

  • Full names and postal addresses
  • Email addresses and phone numbers
  • Transaction history (dates and amounts) and invoices
  • IBAN / bank account details for some customers
  • Around 6,000 identity-document copies (front and back of national ID cards)

The combination of home addresses, gold-purchase histories, ID copies and banking details creates an acute risk of identity theft, bank fraud and even targeted physical burglary, since the data effectively maps which individuals are likely to hold valuable assets at home. As of reporting, no confirmed public statement or remediation timeline from Gold Union had been published, and the breach's status remains unclear.

Sources

  1. cyberattaque.orghttps://www.cyberattaque.org/gold-union-fuite-critique-avec-documents-didentite-et-donnees-bancaires-exposes/
  2. le-droit.frhttps://www.le-droit.fr/blog/fuite-donnees-gold-union-avril-2026
  3. cryptoast.frhttps://cryptoast.fr/fuite-donnees-gold-union-implique-pour-securite-detenteurs-or/

Related incidents

Data breachOngoing

1,528 contacts at Nature & Cie, claimed leak

In late May 2026, a B2B commercial database attributed to French organic-food distributor Nature & Cie surfaced on a cybercriminal forum, exposing roughly 5,635 stores, over 1,500 professional contacts and around 1,500 sales-visit reports covering Biocoop, Naturalia and La Vie Claire partners.

Victim
Nature & Cie
Records
1.5K