Skip to content
Data breachOngoing

Leak at La France Insoumise

In May 2026, France's La France Insoumise party had data from its Action Populaire activist platform stolen and posted on a hacking forum, exposing some 120,000 email addresses, 20,000 phone numbers, postal addresses and member activity spanning 2017-2026.

Victim
La France Insoumise

On 9 May 2026, La France Insoumise — the French left-wing political party led by Jean-Luc Mélenchon — confirmed that personal data had been stolen from Action Populaire (actionpopulaire.fr), the online platform it uses to organise grassroots groups, events and activist exchanges. The breach was first surfaced on 7 May, when an individual using the alias "fuzzeddffmepg" posted a dump of the platform's data on a cybercrime forum.

The attacker claimed to have fully compromised the platform by exploiting an outdated backend, mockingly describing the infrastructure as obsolete and threatening to release further extractions, including email-server data. The data reportedly covers nearly nine years of activity, from 2017 to 2026.

Exposed data categories reportedly include:

  • First and last names
  • Email addresses (around 120,000 unique)
  • Phone numbers (around 20,000)
  • Postal addresses (some linked to payments)
  • Profile information and group/event participation
  • Private messages and internal exchanges
  • Certain payment and subscription data

LFI national coordinator Manuel Bompard acknowledged that data tied to some users may have been compromised, while disputing claims that the entire user database had been exposed. The party filed a criminal complaint and notified the data-protection authority CNIL and cybersecurity agency ANSSI. The Paris prosecutor confirmed an investigation is under way following ANSSI's report, and the full scope of the breach remains under verification.

Sources

  1. next.inkhttps://next.ink/brief-article/la-france-insoumise-victime-dun-vol-de-donnees-personnelles/
  2. korben.infohttps://korben.info/les-donnees-de-120-000-adherents-lfi-dans-la-nature.html
  3. frenchbreaches.comhttps://frenchbreaches.com/blog/la-france-insoumise-visee-par-une-fuite-de-donnees-revendiquee-par-un-hacker

Related incidents