Skip to content
Data breachUnknown

Data leak at the Haute-Garonne departmental digital media library

In May 2026, the Haute-Garonne departmental digital media library network (media31.mediatheques.fr) confirmed an intrusion after the threat actor AplaGroup exploited critical vulnerabilities and extracted user-account data on roughly 765 people.

Victim
Haute-Garonne departmental digital media library
records
765

On 22 May 2026, the Haute-Garonne departmental digital media library — the public online library network run by the Haute-Garonne département (operating the platform media31.mediatheques.fr) — confirmed a security incident affecting some of its users' data.

The intrusion was claimed on 9 May 2026 by a threat actor calling itself AplaGroup and confirmed by the media library around 21-22 May. According to the attackers, several vulnerabilities — some rated critical — were found in the platform and exploited to extract user-account data, extracts of which were then published. Roughly 765 people were potentially affected.

The exposed information related to library user accounts and associated administrative data, including details tied to registered users, their authorised access and library activity. Such data can enable direct identification of affected individuals and fuel targeted phishing, social engineering, identity theft and account-takeover attempts.

The breach was acknowledged by the media library, but no detailed remediation or regulatory outcome has been published, so the status remains unknown. Affected users should be wary of unsolicited messages referencing their library account and reset any credentials reused elsewhere.

Sources

  1. fuitesinfos.frhttps://fuitesinfos.fr/article/2026-05-22-mediatheque-departementale-numerique-de-la-haute-garonne
  2. frenchbreaches.comhttps://frenchbreaches.com/alertes/media31-mediatheques-de-haute-garonne-moyhywanwcg5po8qci

Related incidents