Leak at Mondial Relay
In December 2025, French parcel-delivery firm Mondial Relay disclosed a cyberattack in which attackers accessed customer and shipment data — names, emails, postal addresses, phone numbers and parcel-tracking details; a dark-web actor claimed roughly 25.7 million records.
- Victim
- Mondial Relay
On 26 December 2025, Mondial Relay — a major French parcel pickup-point and delivery operator — disclosed that it had been hit by a cyberattack in which personal data belonging to its customers was stolen. The intrusion took place on 23 December 2025 and was detected by the company's own monitoring systems; Mondial Relay publicly acknowledged it on 27 December.
The attackers gained unauthorized access to a platform used for parcel tracking and customer support, exposing the personal data of customers and the logistics details needed to follow shipments. Mondial Relay stressed that no banking data, payment information or user passwords were compromised.
Exposed data categories included:
- First and last name
- Email address
- Postal address
- Phone number
- Parcel/shipment numbers and references
- Delivery status and tracking information
Mondial Relay could not initially confirm the exact number of affected records, as its forensic analysis was ongoing. A threat actor operating under the name "DumpSec" claimed on the dark web to have extracted roughly 25.7 million rows of data, tying the breach to its sister company Colis Privé as well — though this figure has not been officially confirmed by Mondial Relay. The attack came within days of a separate cyberattack on La Poste.
In response, the company suspended access to the compromised systems, notified affected customers by email, reported the breach to France's data-protection authority (CNIL) and announced its intention to file a criminal complaint. It also warned customers to be alert to phishing attempts exploiting the stolen contact details.
Sources
- cnews.frhttps://www.cnews.fr/vie-numerique/2025-12-28/fuite-de-donnees-chez-mondial-relay-ce-que-lon-sait-1792458
- usine-digitale.frhttps://www.usine-digitale.fr/cybersecurite/cyberattaque-mondial-relay-signale-un-acces-non-autorise-ayant-expose-des-donnees-personnelles.S6DJKY2JHNH3VMCLFHAIG3SJOM.html
- next.inkhttps://next.ink/brief_article/au-tour-de-mondial-relay-detre-pirate-avec-une-fuite-de-donnees-personnelles-des-clients/
- darkwebinformer.comhttps://darkwebinformer.com/alleged-data-breach-of-mondial-relay-colis-prive/