Leak at Les Champs Libres
On 26 March 2026, a breach at Les Champs Libres — the public cultural complex in Rennes — exposed user account data including names, email addresses, phone numbers and plain-text passwords.
- Victim
- Les Champs Libres
On 26 March 2026, Les Champs Libres — the public cultural complex in Rennes that brings together the Bibliothèque de Rennes Métropole, the Musée de Bretagne and the Espace des Sciences — was reported to have suffered a leak of personal data belonging to its users.
The exposed records concerned account holders and included a particularly damaging combination of identity and login data. According to the disclosure, the leak was confirmed and notably included passwords stored in plain text rather than hashed, making the affected accounts immediately usable for attackers.
Exposed data categories:
- First and last names
- Email addresses
- Phone numbers
- Passwords (stored in clear text)
The number of affected users was not disclosed. The incident was flagged as high-priority by breach trackers, which urged affected users to change their passwords immediately — especially where the same password may have been reused on other services. As of reporting, no public statement detailing the attack vector, scale or remediation had been confirmed by the establishment, and the incident status remains unknown.
Sources
- bonjourlafuite.eu.orghttps://bonjourlafuite.eu.org/#Les%20Champs%20Libres-2026-03-26
- itsense.frhttps://www.itsense.fr/fuites-donnees-premier-trimestre-2026/