713,814 people affected by a claimed data leak at ImmoJeune
On 5 March 2026, a database of 713,814 people who had submitted rental applications on the French student-housing platform ImmoJeune was offered for sale on a cybercrime forum, exposing names, emails, phone numbers, postal addresses and income details.
- Victim
- ImmoJeune
- records
- 713.8K
On 5 March 2026, ImmoJeune — a French online platform that connects students and young professionals with rental housing — became the subject of a data-breach claim when a seller offered a database of 713,814 people on a cybercrime forum. The records belonged to individuals who had submitted rental applications through the service.
ImmoJeune later confirmed the security incident in an email to its users. The intrusion did not stem from a direct compromise of ImmoJeune's own systems: attackers reused login credentials belonging to a real-estate agency client to access the ImmoJeunePro professional backend and extract applicant data.
The exposed information reportedly included:
- Full names, email addresses and phone numbers
- Postal addresses
- Income-related information
- For more recent applicants, identity documents and income-verification files
The company stated that passwords, banking data and social security numbers were not affected. In response, ImmoJeune blocked the compromised accounts and replaced password-based authentication with a unique-link access system. It warned users that the exposed rental application data could fuel targeted fraud and identity-theft attempts.
Sources
- fuitesinfos.frhttps://fuitesinfos.fr/article/2026-03-05-immojeune
- cyberattaque.orghttps://www.cyberattaque.org/immojeune-fuite-de-donnees-confirmee-apres-un-acces-frauduleux/
- frenchbreaches.comhttps://frenchbreaches.com/blog/piratage-immojeune-plus-de-713-000-candidats-au-logement-etudiant-potentiellement-exposes