Skip to content
Data breachUnknown

Leak at PayTrip

On 27 December 2025, French money-transfer fintech PayTrip suffered a data breach exposing data on 74,877 customers, including names, contact details, IBANs and account balances, later circulated online by a threat actor.

Victim
PayTrip
records
74.9K

On 27 December 2025, PayTrip β€” a French fintech (founded 2019) offering cross-border money transfers, European IBAN accounts and Visa payment cards, aimed largely at people sending money to family abroad β€” was hit by a data breach affecting 74,877 customers. The disclosure came amid a wave of leaks targeting French companies over the holiday period.

A threat actor operating under the handle "Ced_haurus" obtained the customer records and circulated them online. Reporting attributes the incident to the exploitation of persistent vulnerabilities in exposed information systems, though PayTrip has not published a detailed technical account of the intrusion.

The exposed data is particularly sensitive because it combines identity, contact and banking information. Categories included:

  • Last name and first name
  • Email address
  • Postal address
  • Phone number
  • IBAN (bank account number)
  • Account balance

The combination of IBANs and account balances is especially concerning, as it can facilitate immediate financial fraud, targeted phishing and SEPA direct-debit abuse against affected customers. As of disclosure, the scope had been reported publicly but no detailed remediation or regulatory outcome had been confirmed, so the incident status remains unknown.

Sources

  1. presse83.frhttps://presse83.fr/2025/12/28/fuites-informatiques-qui-cible-les-entreprises-ce-27-decembre/
  2. paytrip.frhttps://www.paytrip.fr/en/
  3. bonjourlafuite.eu.orghttps://bonjourlafuite.eu.org/#PayTrip-2025-12-27

Related incidents

Data breachContained

Data leak at UTwin

On 5 March 2025, French borrower-insurance broker UTwin notified clients that an intrusion into its IT system had temporarily exposed identity details, email addresses and phone numbers; the company said no banking, medical or contract data was affected.

Victim
UTwin
Data breachContained

Leak at Mutuelle des Motards

In February 2025, French motorcycle insurer Mutuelle des Motards suffered a breach of a marketing contact database, exposing names, email addresses, phone numbers and postal codes of more than 1.3 million members.

Victim
Mutuelle des Motards
Records
1.3M
Data breachUnknown

23,685 records: claimed leak at ATOA

A threat actor put a database from ATOA β€” a French real-estate tokenization and fractional-investment fintech β€” up for sale on a dark web forum, exposing roughly 23,685 user and financial records plus 326 full KYC archives containing passports, ID cards and banking details.

Victim
ATOA
Records
23.7K