Gold Union: more than 120,000 gold buyers exposed with ID documents and transactions
In April 2026, French precious-metals dealer Gold Union suffered a data breach exposing records on more than 126,000 customers (2023-2026), including identities, addresses, transaction histories, IBANs and around 6,000 ID-card copies.
- Victim
- Gold Union
- records
- 126.0K
On 2 April 2026, Gold Union β a major French dealer in the buying and selling of gold and silver to private individuals, operating around 100 agencies nationwide β was reported to have suffered a critical data breach exposing the personal and financial records of more than 126,000 customers, with data spanning 2023 to 2026.
Because French anti-money-laundering rules require precious-metals dealers to verify and record the identity of sellers, the exposed database was unusually sensitive. It included roughly 6,000 copies of national ID cards (both sides), alongside full identities, postal addresses, contact details and detailed transaction records.
Exposed data categories reportedly included:
- Full names and postal addresses
- Email addresses and phone numbers
- Transaction history (dates and amounts) and invoices
- IBAN / bank account details for some customers
- Around 6,000 identity-document copies (front and back of national ID cards)
The combination of home addresses, gold-purchase histories, ID copies and banking details creates an acute risk of identity theft, bank fraud and even targeted physical burglary, since the data effectively maps which individuals are likely to hold valuable assets at home. As of reporting, no confirmed public statement or remediation timeline from Gold Union had been published, and the breach's status remains unclear.
Sources
- cyberattaque.orghttps://www.cyberattaque.org/gold-union-fuite-critique-avec-documents-didentite-et-donnees-bancaires-exposes/
- le-droit.frhttps://www.le-droit.fr/blog/fuite-donnees-gold-union-avril-2026
- cryptoast.frhttps://cryptoast.fr/fuite-donnees-gold-union-implique-pour-securite-detenteurs-or/