Skip to content
Data breachContained

Data leak at Nemea Groupe confirmed by the company

Nemea Groupe, a French operator of student residences, tourist residences and apart'hotels, confirmed a data breach affecting rental applicants after attacker ChimeraZ exfiltrated a database covering about 12,590 individuals, exposing identity, contact, banking and scanned ID documents.

Victim
Nemea Groupe
records
12.6K

On 22 May 2026, Nemea Groupe — a French operator of student residences, tourist residences, apart'hotels and rental-management services — confirmed a data breach to affected people in an email, notably to those who had submitted a rental application. The incident had first surfaced on 28 April 2026, when a threat actor using the alias ChimeraZ claimed on a cybercriminal forum to hold and distribute data extracted from the group's systems.

The leaked dataset, sized at roughly 7 GB, contained nearly 330,000 cumulative records (leases, rent receipts, dunning notices and similar documents). Technical analysis tied these to about 12,590 unique individuals and organisations — the people actually affected. More than a thousand scanned official documents, including ID cards and passports, were among the files circulating on the forum.

The exposed data included:

  • Identity details (name, date of birth, place of birth)
  • Contact information (full postal address, email, phone number)
  • Administrative and rental records (references, leases, rent receipts, invoices)
  • Tax information (including VAT details)
  • Banking data (IBANs, partially masked)
  • Scanned official documents and identity papers (ID cards, passports)

The combination of identity, banking and official-document data exposes affected individuals to identity theft, banking fraud, targeted phishing and rental-related scams. After early reporting noted no formal notice to victims, Nemea Groupe subsequently confirmed the incident and emailed affected applicants. The full origin and authenticity of every file in the leak had not been independently verified at the time of disclosure.

Sources

  1. fuitesinfos.frhttps://fuitesinfos.fr/article/2026-05-22-nemea-groupe
  2. fuitesinfos.frhttps://fuitesinfos.fr/article/2026-04-28-nemea
  3. cyberattaque.orghttps://www.cyberattaque.org/groupe-nemea-330-000-clients-et-locataires-potentiellement-touches-par-une-fuite-de-donnees/
  4. frenchbreaches.comhttps://frenchbreaches.com/alertes/nemea-groupe-moik15b9vx3rf48rfaa
  5. info.frhttps://info.fr/fuite-nemea-1000-pieces-identite-vente-forum-cybercriminel/

Related incidents