Skip to content
Data breachContained

Leak at Guy Demarle

French bakeware and kitchenware brand Guy Demarle disclosed in December 2024 that a cyberattack had copied part of its customer database, exposing names, postal addresses, email addresses and phone numbers; passwords and banking data were not affected.

Victim
Guy Demarle

On 3 December 2024, Guy Demarle — a French brand of silicone bakeware and kitchenware (Flexipan moulds) sold through direct home demonstrations and online — publicly confirmed that it had suffered a cyberattack resulting in the theft of part of its customer data. According to the company, the intrusion took place during the night of 12–13 October and led to a partial copy of the personal data held in its customer database.

The breach exposed personal contact details only. Guy Demarle stated that login credentials, passwords and banking information were not affected by the incident.

Exposed data categories:

  • Last name and first name
  • Postal address
  • Email address (where provided)
  • Phone number (where provided)

Guy Demarle said it acted immediately to end the intrusion and notified France's data protection authority, the CNIL, as required by law. The company warned affected customers to be alert to phishing emails and fraudulent SMS messages, to avoid clicking suspicious links, and to enable two-factor authentication where possible. No exact count of affected customers was publicly disclosed.

Sources

  1. 01net.comhttps://www.01net.com/actualites/nouveau-hack-en-france-les-donnees-de-lenseigne-guy-demarle-ont-ete-volees.html
  2. zataz.comhttps://www.zataz.com/cyberattaque-chez-guy-demarle-des-donnees-personnelles-compromises/
  3. arnaudpelletier.comhttps://www.arnaudpelletier.com/2024/12/03/nouveau-hack-en-france-les-donnees-de-lenseigne-guy-demarle-ont-ete-volees/

Related incidents

Data breachUnknown

Leak at Electro Dépôt

Customer data attributed to French electronics retailer Electro Dépôt surfaced as one of at least 17 French breaches consolidated on an open database, exposing names, contact details, IP addresses and partial payment data.

Victim
Electro Dépôt
Data breachUnknown

Leak at Go Sport

In December 2024, French sporting-goods retailer Go Sport was named in dark-web claims of a customer data leak; the alleged fresh breach was debunked, with the data tracing back to a 'go-sport.com' file in an earlier compilation of past French breaches.

Victim
Go Sport
Data breachResolved

Data leak at Sport 2000

Customer database of French sporting-goods retailer Sport 2000 — covering roughly 4.3 million people — was stolen and circulated on hacking forums and the dark web, exposing names, contact details, dates of birth and purchase history.

Victim
Sport 2000
Records
4.4M
Data breachContained

Data leak at Top Achat

On 12 December 2024, French PC-hardware e-tailer Top Achat (LDLC group) disclosed a breach exposing customer names, email and postal addresses; no passwords or payment data were affected. The intrusion was linked to an earlier compromise at parent company LDLC.

Victim
Top Achat