Skip to content
Data breachContained

Leak at Le Slip Français

In April 2024, French apparel brand Le Slip Français disclosed a customer data breach exposing names, phone numbers, postal and email addresses and order numbers; roughly 1.5 million email addresses and close to 700,000 full customer profiles were affected. No passwords or payment data were involved.

Victim
Le Slip Français

On 15 April 2024, Le Slip Français — a well-known French clothing and underwear brand — disclosed that customer personal data had been stolen and was circulating on a cybercrime forum. A seller using the alias "ShopifyGUY" had advertised the exfiltrated dataset for download a few days earlier, on 13 April.

The exposed records covered roughly 1.5 million email addresses, with close to 700,000 complete customer profiles among them. Crucially, the company stressed that no account passwords or payment card details were part of the leaked data.

Exposed data categories:

  • First and last names
  • Phone numbers
  • Postal addresses
  • Email addresses
  • Order numbers (in some cases)

The brand said it blocked the leak once detected, stood up a crisis unit with external cybersecurity experts, and notified affected customers by email. It filed a criminal complaint for fraudulent access to an automated data-processing system and reported the breach to France's data protection authority, the CNIL. Customers were warned to watch for phishing attempts and identity-theft attempts leveraging the stolen contact details.

Sources

  1. journaldugeek.comhttps://www.journaldugeek.com/2024/04/18/piratage-que-sait-on-du-hack-massif-de-cette-marque-francaise/
  2. next.inkhttps://next.ink/brief_article/fuite-de-donnees-personnelles-chez-le-slip-francais/
  3. cnews.frhttps://www.cnews.fr/vie-numerique/2024-04-17/fuite-des-donnees-chez-le-slip-francais-quelles-sont-les-donnees-concernees

Related incidents

Data breachUnknown

Leak at Electro Dépôt

Customer data attributed to French electronics retailer Electro Dépôt surfaced as one of at least 17 French breaches consolidated on an open database, exposing names, contact details, IP addresses and partial payment data.

Victim
Electro Dépôt
Data breachUnknown

Leak at Go Sport

In December 2024, French sporting-goods retailer Go Sport was named in dark-web claims of a customer data leak; the alleged fresh breach was debunked, with the data tracing back to a 'go-sport.com' file in an earlier compilation of past French breaches.

Victim
Go Sport
Data breachResolved

Data leak at Sport 2000

Customer database of French sporting-goods retailer Sport 2000 — covering roughly 4.3 million people — was stolen and circulated on hacking forums and the dark web, exposing names, contact details, dates of birth and purchase history.

Victim
Sport 2000
Records
4.4M
Data breachContained

Data leak at Top Achat

On 12 December 2024, French PC-hardware e-tailer Top Achat (LDLC group) disclosed a breach exposing customer names, email and postal addresses; no passwords or payment data were affected. The intrusion was linked to an earlier compromise at parent company LDLC.

Victim
Top Achat