Skip to content
Data breachContained

Leak at Mondial Relay

In December 2025, French parcel-delivery firm Mondial Relay disclosed a cyberattack in which attackers accessed customer and shipment data — names, emails, postal addresses, phone numbers and parcel-tracking details; a dark-web actor claimed roughly 25.7 million records.

Victim
Mondial Relay

On 26 December 2025, Mondial Relay — a major French parcel pickup-point and delivery operator — disclosed that it had been hit by a cyberattack in which personal data belonging to its customers was stolen. The intrusion took place on 23 December 2025 and was detected by the company's own monitoring systems; Mondial Relay publicly acknowledged it on 27 December.

The attackers gained unauthorized access to a platform used for parcel tracking and customer support, exposing the personal data of customers and the logistics details needed to follow shipments. Mondial Relay stressed that no banking data, payment information or user passwords were compromised.

Exposed data categories included:

  • First and last name
  • Email address
  • Postal address
  • Phone number
  • Parcel/shipment numbers and references
  • Delivery status and tracking information

Mondial Relay could not initially confirm the exact number of affected records, as its forensic analysis was ongoing. A threat actor operating under the name "DumpSec" claimed on the dark web to have extracted roughly 25.7 million rows of data, tying the breach to its sister company Colis Privé as well — though this figure has not been officially confirmed by Mondial Relay. The attack came within days of a separate cyberattack on La Poste.

In response, the company suspended access to the compromised systems, notified affected customers by email, reported the breach to France's data-protection authority (CNIL) and announced its intention to file a criminal complaint. It also warned customers to be alert to phishing attempts exploiting the stolen contact details.

Sources

  1. cnews.frhttps://www.cnews.fr/vie-numerique/2025-12-28/fuite-de-donnees-chez-mondial-relay-ce-que-lon-sait-1792458
  2. usine-digitale.frhttps://www.usine-digitale.fr/cybersecurite/cyberattaque-mondial-relay-signale-un-acces-non-autorise-ayant-expose-des-donnees-personnelles.S6DJKY2JHNH3VMCLFHAIG3SJOM.html
  3. next.inkhttps://next.ink/brief_article/au-tour-de-mondial-relay-detre-pirate-avec-une-fuite-de-donnees-personnelles-des-clients/
  4. darkwebinformer.comhttps://darkwebinformer.com/alleged-data-breach-of-mondial-relay-colis-prive/

Related incidents

Data breachContained

Leak at Chronopost

In December 2025, a 680 MB dataset on ~860,000 Chronopost customers — names, emails and parcel details scraped from the La Poste Pickup relay-point network — was published on BreachForums; the data covered shipments from spring 2025.

Victim
Chronopost
Records
860.0K
Data breachContained

Leak at Colis Privé

In November 2025, French parcel-delivery firm Colis Privé disclosed unauthorized access to part of its systems that exposed customer contact data — names, postal and email addresses and phone numbers. A threat actor advertised a dataset reportedly running to tens of millions of rows; no passwords or banking data were affected.

Victim
Colis Privé
Data breachContained

Leak at Digital Charging Solutions

In September 2025, EV-charging billing provider Digital Charging Solutions disclosed that a contracted third-party service provider had accessed customer records without authorization, exposing names and email addresses of an initial single-digit number of affected users.

Victim
Digital Charging Solutions
Data breachContained

Leak at Autosur

Autosur, a major French vehicle-inspection network, suffered a data breach exposing personal and vehicle records of millions of customers — names, emails, postal addresses, phone numbers, license plates and vehicle details — advertised for sale on a cybercrime forum.

Victim
Autosur