Skip to content
Data breachContained

Leak at Mutuelle des Motards

In February 2025, French motorcycle insurer Mutuelle des Motards suffered a breach of a marketing contact database, exposing names, email addresses, phone numbers and postal codes of more than 1.3 million members.

Victim
Mutuelle des Motards
records
1.3M

On 13 February 2025, Mutuelle des Motards β€” France's mutual insurer dedicated to motorcyclists (Assurance Mutuelle des Motards) β€” disclosed a data breach affecting more than 1.3 million members. The insurer detected the incident around 10 February 2025, after data was put up for sale on a cybercrime forum by an attacker using the alias "Lanvin," a then-little-known actor also linked to a breach of the Taobento restaurant chain.

According to the insurer's statement to members, an unauthorized third party gained access to a marketing contact-management tool holding members' contact details. The exposed records contained personal contact information but, per the company, no passwords, banking details, postal addresses or dates of birth.

Data exposed included:

  • First and last name
  • Email address (provided for a subset of members)
  • Phone number
  • Postal code

Mutuelle des Motards notified the French data-protection authority (CNIL) and the insurance regulator (ACPR), and informed the affected individuals it was able to identify. The insurer warned members of the heightened risk of phishing, fraudulent calls and identity theft stemming from the exposed contact data.

Sources

  1. zataz.comhttps://www.zataz.com/fuite-de-donnees-chez-mutuelle-des-motards-plus-d13-million-dutilisateurs-impactes/
  2. mutuelledesmotards.frhttps://www.mutuelledesmotards.fr/information-aux-societaires-de-la-mutuelle-des-motards
  3. next.inkhttps://next.ink/brief_article/nouvelle-fuite-de-donnees-la-mutuelle-des-motards-piratee/
  4. motoplanete.comhttps://www.motoplanete.com/actualite-moto/articles/18402/fuite-massive-de-donnees-une-assurance-moto-impactee/page.html

Related incidents

Data breachUnknown

Leak at PayTrip

On 27 December 2025, French money-transfer fintech PayTrip suffered a data breach exposing data on 74,877 customers, including names, contact details, IBANs and account balances, later circulated online by a threat actor.

Victim
PayTrip
Records
74.9K
Data breachContained

Data leak at UTwin

On 5 March 2025, French borrower-insurance broker UTwin notified clients that an intrusion into its IT system had temporarily exposed identity details, email addresses and phone numbers; the company said no banking, medical or contract data was affected.

Victim
UTwin
Data breachUnknown

23,685 records: claimed leak at ATOA

A threat actor put a database from ATOA β€” a French real-estate tokenization and fractional-investment fintech β€” up for sale on a dark web forum, exposing roughly 23,685 user and financial records plus 326 full KYC archives containing passports, ID cards and banking details.

Victim
ATOA
Records
23.7K