Skip to content
Data breachContained

Leak at La Poste

In March 2025, French postal operator La Poste disclosed a breach of its 'Élection du Timbre' platform exposing personal data of about 50,000 users — names, year of birth, email, phone and postal addresses — which was put up for sale online by an attacker.

Victim
La Poste
records
50.0K

On 4 March 2025, La Poste — France's national postal operator — was reported to have suffered a data breach affecting roughly 50,000 users of its "Élection du Timbre" (Stamp Election) website. The leak was first revealed by the security outlet ZATAZ after an attacker using the alias "h4tr3d w0rld" offered a CSV file of customer data for sale on an underground forum, negotiating the price via Telegram. The attacker claimed the data had been extracted on 25 February 2025.

The exposed records concerned participants in the stamp-design vote and included:

  • First and last names
  • Year of birth
  • Email addresses
  • Phone numbers
  • Postal addresses

La Poste confirmed that no banking data and no passwords were compromised. After being alerted, the company took the "Élection du Timbre" site offline for maintenance, identified the entry point used by the attacker, and notified affected customers by email about five days after the initial disclosure.

La Poste reported the incident to France's data-protection authority (CNIL) and filed a criminal complaint with the judicial authorities. It warned the affected users to be especially vigilant against phishing attempts — fraudulent emails, SMS or calls impersonating La Poste — given the nature of the contact details exposed.

Sources

  1. zataz.comhttps://www.zataz.com/fuite-de-donnees-a-la-poste-lentreprise-alerte-les-clients-impactes/
  2. journaldugeek.comhttps://www.journaldugeek.com/2025/03/07/alerte-chez-la-poste-des-milliers-dutilisateurs-victimes-dune-fuite-de-donnees/

Related incidents

Data breachContained

Leak at Mondial Relay

In December 2025, French parcel-delivery firm Mondial Relay disclosed a cyberattack in which attackers accessed customer and shipment data — names, emails, postal addresses, phone numbers and parcel-tracking details; a dark-web actor claimed roughly 25.7 million records.

Victim
Mondial Relay
Data breachContained

Leak at Chronopost

In December 2025, a 680 MB dataset on ~860,000 Chronopost customers — names, emails and parcel details scraped from the La Poste Pickup relay-point network — was published on BreachForums; the data covered shipments from spring 2025.

Victim
Chronopost
Records
860.0K
Data breachContained

Leak at Colis Privé

In November 2025, French parcel-delivery firm Colis Privé disclosed unauthorized access to part of its systems that exposed customer contact data — names, postal and email addresses and phone numbers. A threat actor advertised a dataset reportedly running to tens of millions of rows; no passwords or banking data were affected.

Victim
Colis Privé
Data breachContained

Leak at Digital Charging Solutions

In September 2025, EV-charging billing provider Digital Charging Solutions disclosed that a contracted third-party service provider had accessed customer records without authorization, exposing names and email addresses of an initial single-digit number of affected users.

Victim
Digital Charging Solutions