Skip to content
Supply chainContained

Leak at Saint-Aubin d'Aubigné town hall (via RDV360)

Saint-Aubin d'Aubigné town hall disclosed on 24 November 2025 that residents' contact details were exposed through its appointment-booking provider RDV360, one of ~1,300 French municipalities hit in a third-party breach of ID/passport booking data.

Victim
Saint-Aubin d'Aubigné town hall

On 24 November 2025, the Saint-Aubin d'Aubigné town hall — a small commune in Ille-et-Vilaine, Brittany — informed residents that their personal data had been exposed in a breach of RDV360, the third-party platform it uses for online appointment booking. The town hall was not hacked directly; it was one of roughly 1,300 French municipalities caught up in a wider compromise of the appointment-scheduling providers RDV360 and Synbird, which handle bookings for national identity card and passport applications.

The attackers reportedly reused credentials leaked in earlier breaches to access a municipal employee's account, then exploited a software vulnerability in the providers' systems to export stored booking records. A cybercriminal group referring to itself as "dumpsec" has been linked to the campaign, which affected appointment data ranging from 2021 through November 2025.

Exposed data was limited to contact and appointment details:

  • First and last name
  • Email address
  • Phone number
  • Postal code / commune
  • Type of procedure (ID card, passport) and appointment date

RDV360 stated that no sensitive data — passwords, identity documents, or banking information — was compromised. The provider said it had patched the flaw and begun the required regulatory steps. Affected municipalities were directed to notify the CNIL and file complaints, with the matter handled in coordination with ANSSI and the Paris prosecutor's cybercrime unit. Residents were warned to be alert to phishing and fraudulent contact attempts using the leaked details.

Sources

  1. lagazettedescommunes.comhttps://www.lagazettedescommunes.com/1013192/cybersecurite-cyberattaque-plateformes-de-reservation-ces-collectivites-victimes-de-la-defaillance-de-leurs-fournisseurs/
  2. next.inkhttps://next.ink/211076/des-fuites-de-donnees-non-sensibles-dans-1-300-mairies-les-intermediaires-cibles/
  3. banquedesterritoires.frhttps://www.banquedesterritoires.fr/fuite-de-donnees-dans-1300-communes-les-prestataires-en-cause

Related incidents

Supply chainContained

Leak at La Rochelle (via Synbird)

Personal data of 394 La Rochelle residents who booked civil-status appointments was exposed after an attacker exploited a flaw in Synbird, the town hall's third-party appointment-scheduling provider, which serves roughly 1,300 French communes.

Victim
La Rochelle
Records
394
Supply chainContained

Leak at Quimper town hall (via RDV360)

In November 2025, the city of Quimper (France) was caught in a supply-chain breach of appointment-booking provider RDV360, exposing roughly 12,000 contact records (name, postal code, email, phone) of residents who booked ID-card or passport renewals since April 2024.

Victim
Quimper town hall
Records
12.0K