21,647 people affected by a data leak at Inria
Disclosed on 31 January 2026, a confirmed data leak at France's Inria research institute exposed personal records of about 21,647 staff and collaborators from Inria, IRISA and partner research units, including names, dates of birth, postal addresses and household details.
- Victim
- Inria (Institut National de Recherche en Informatique et en Automatique)
- records
- 21.6K
On 31 January 2026, Inria — France's national institute for research in digital science, computer science and applied mathematics — was reported to have suffered a confirmed leak of personal data affecting around 21,647 people. Those affected include Inria staff together with personnel of the IRISA joint research unit and numerous academic and industrial research partners across France.
The incident is part of a broader wave of intrusions that has hit French research and higher-education institutions since the autumn of 2025, in which compromised accounts have repeatedly been used to exfiltrate administrative personnel records. The exposed dataset has the hallmarks of an administrative/HR source rather than scientific work.
Reported categories of exposed data include:
- First and last names
- Dates of birth
- Full postal addresses
- Household composition and profile
- Role and family relationship within the household
- Internal person/household identifiers
- Record-creation dates and associated administrative information
The number of affected individuals is well established (~21,647), but the precise intrusion vector and the institute's remediation steps have not been publicly detailed, so the resolution status remains unclear. No ransomware or extortion claim has been specifically tied to this incident.
Sources
- fuitesinfos.frhttps://fuitesinfos.fr/article/2026-01-31-inria-institut-national-de-recherche-en-informatique-et-en-a
- idprotect.frhttps://idprotect.fr/cyberattaques-universites-decembre-2025/
- usine-digitale.frhttps://www.usine-digitale.fr/cybersecurite/fuite-massive-de-donnees-dans-leducation-nationale-une-intrusion-via-un-compte-compromis-expose-les-donnees-de-243-000-agents.5OGZJFEWYJCTFMKUCML7IYYN3A.html