Skip to content
Data breachUnknown

Data attributed to French real-estate network IAD listed for sale after alleged breach

Data purportedly stolen from IAD, France's largest real-estate agent network, was put up for sale on a cybercrime forum, with the sellers claiming records on some 3.8 million people.

Victim
IAD Group

On 2 July 2026, a database attributed to IAD Group β€” the parent of iad France, the country's largest network of self-employed real-estate agents β€” was advertised for sale on a cybercrime forum by threat actors using the handles ChimeraZ and misere. Founded in 2008 and headquartered in Lieusaint, south-east of Paris, iad operates without physical branches and relies on more than 15,000 advisers across France, making the alleged trove unusually broad in its potential reach. At the time of reporting the claim was unverified and had not been confirmed by IAD.

According to the listing, the data is split into two parts. The first is a 14.3 GB JSON database said to contain 2,041,743 records relating to roughly 3,834,564 people. The second is a far larger 966.3 GB collection of 397,779 PDF files described as documents tied to clients, advisers, properties and contracts. The sellers characterise the dataset as spanning the real-estate ecosystem β€” leads, property projects, advisers and agents, mandates, referrals, events, training and partners β€” alongside the document cache.

An alleged sector-wide campaign

The IAD listing is presented as one instalment in a broader operation. The same actors claim to have extracted, between 8 and 30 June 2026, more than 60 million records concerning over 50 million people across the French property sector, publishing the results across more than 25 separate posts. Several French breach-tracking outlets have logged a run of real-estate leaks over the same period, though the scale, provenance and de-duplicated headcount of these claims remain to be independently established.

Why it matters

If genuine, a leak combining structured client and adviser records with hundreds of thousands of contract and property documents would expose exactly the kind of information β€” identities, contact details, transaction histories and signed paperwork β€” that fuels targeted fraud, impersonation of estate agents and convincing real-estate scams. The claim also underscores how a single network intermediating a large share of a national market concentrates personal data that becomes a high-value target. Until IAD confirms whether any breach occurred and what, if anything, was taken, the figures above should be read as unverified assertions by the sellers rather than an established account of the incident.

Timeline

  1. End of the 8–30 June window during which the sellers claim to have harvested more than 60 million records on over 50 million people across the French real-estate sector, spread over 25-plus separate leak posts.

  2. A database attributed to IAD Group is advertised for sale on a cybercrime forum by actors using the handles ChimeraZ and misere.

Sources

  1. cyberattaque.orghttps://www.cyberattaque.org/iad-group-38-millions-de-personnes-et-966-go-de-documents-clients-en-fuite-apres-une-cyberattaque/
  2. frenchbreaches.comhttps://frenchbreaches.com/alertes/iad-groupe-mr1iumodr3zkls2u7z

Related incidents

Data breachOngoing

Leak at La France Insoumise

In May 2026, France's La France Insoumise party had data from its Action Populaire activist platform stolen and posted on a hacking forum, exposing some 120,000 email addresses, 20,000 phone numbers, postal addresses and member activity spanning 2017-2026.

Victim
La France Insoumise