Leak at Marseille-Provence Metropolis
On 24 March 2026, the Métropole Aix-Marseille-Provence disclosed a data leak stemming from a compromised subcontractor, potentially exposing around 19,728 user accounts, including email addresses, names and passwords.
- Victim
- Marseille-Provence Metropolis
- records
- 19.7K
On 24 March 2026, the Métropole Aix-Marseille-Provence — the public inter-municipal authority covering Marseille, Aix-en-Provence and surrounding towns in the Bouches-du-Rhône — disclosed a data leak affecting users of its online services. The breach did not originate in the Metropolis' own systems but with one of its subcontractors, which was targeted on the evening of 23 March 2026.
The compromise of the third-party provider potentially exposed around 19,728 user accounts. According to the breach-tracking platforms that indexed the leak, the exposed data included:
- Email addresses
- First and last names
- Passwords
In response, the Metropolis opened investigations to identify the source of the leak and temporarily blocked access to its metropolitan applications for the affected accounts. Impacted users were required to reset their passwords before reconnecting, and the authority said it would notify potentially affected individuals if the leak was confirmed.
At the time of disclosure the incident was still under investigation, with the Metropolis treating the scope as preliminary pending verification.
Sources
- francebleu.frhttps://www.francebleu.fr/provence-alpes-cote-d-azur/bouches-du-rhone-13/fuite-de-donnees-a-la-metropole-aix-marseille-provence-pres-de-20-000-comptes-d-usagers-potentiellement-concernes-4466402
- marsactu.frhttps://marsactu.fr/bref/metropole-aix-marseille-provence-pres-de-20-000-personnes-victimes-dune-fuite-de-donnees/