Skip to content
Cyber Breaches
Search
Data breachResolved

MC2 Data data breach (2024)

In August 2024, data aggregator MC2 Data left a database publicly accessible without a password which was subsequently discovered by a security researcher. The breach exposed the personal information of 2.1M subscribers to the service which was marketed under a series of different brand names.

Victim
MC2 Data
records
2.1M
SectorFinance

Imported from Have I Been Pwned — pending editorial review and translation to French. The summary below is machine-extracted; consult the source for details.

In 2024-08-18, MC2 Data was affected by a data breach. Approximately 2,122,280 accounts were exposed. In August 2024, data aggregator MC2 Data left a database publicly accessible without a password which was subsequently discovered by a security researcher. The breach exposed the personal information of 2.1M subscribers to the service which was marketed under a series of different brand names.

Sources

  1. haveibeenpwned.comhttps://haveibeenpwned.com/PwnedWebsites#MC2Data

Related incidents

Data breachContained

Leak at Banque de France

On 23 November 2024, the threat actor Near2tlg advertised data allegedly stolen from France's central bank; the Banque de France denied any compromise of its secure systems, acknowledging only brief unauthorized access to an HR extranet with no sensitive data exposed.

Victim
Banque de France
Data breachResolved

Yonéma data breach (2024)

In November 2024, data from the Senegalese payment platform Yonéma was posted to a popular hacking forum. The data included 36k unique email addresses alongside phone numbers, names and what appears to be encrypted passwords and dates of birth.

Victim
Yonéma
Records
36.0K
Data breachContained

Leak at Direct Assurance

In November 2024, French online insurer Direct Assurance was breached via a compromised employee account, exposing personal data of roughly 15,000 clients and prospects — including the IBAN/RIB banking details of about 5,800 of them — later offered for sale online.

Victim
Direct Assurance
Records
15.0K
Data breachResolved

1win data breach (2024)

In November 2024, the online betting platform 1win suffered a data breach that exposed 96M users. The exposed data included email and IP addresses, phone numbers, dates of birth, country and SHA-256 password hashes.

Victim
1win
Records
96.2M