47,561 subscribers - claimed data leak at Philharmonie de Paris
On 6 January 2026, a database from the Philharmonie de Paris's 'Philharmonie à la Demande' (PAD) music platform was published online, exposing 47,561 accounts — names, email addresses, logins and professional profiles — in a leak claimed by an actor known as HexDex2.
- Victim
- Philharmonie de Paris (PAD)
- records
- 47.6K
On 6 January 2026, the Philharmonie de Paris — France's flagship concert hall and cultural institution at the Cité de la Musique — saw a database from its "Philharmonie à la Demande" (PAD) online music service published on a leak forum. The exfiltration is believed to have taken place around 25 December 2025, and the dataset was posted publicly on 6 January by an actor using the handle HexDex2.
PAD is a digital music resource and streaming platform used through partner libraries and médiathèques across France, with an audience that includes teachers, students, and librarians. The leaked file contained 47,561 unique accounts spanning users in cities such as Paris, Marseille, Lyon, Lorient, and across Calvados.
Exposed data categories reported include:
- Names and surnames
- Email addresses
- Login identifiers
- Professional profiles (e.g. teacher, student, librarian)
- Account creation and last-login dates
- In some cases, an associated partner site (e.g. CIMU)
The combination of identity, contact details, and professional status creates a credible targeted phishing risk, since attackers can reference a victim's city or role to craft convincing fraudulent messages. As of the disclosure, the institution had not published a detailed public statement, and the response status remains unconfirmed.
Sources
- fuitesinfos.frhttps://fuitesinfos.fr/article/2026-01-06-philharmonie-de-paris-pad
- x.comhttps://x.com/justabreach/status/2008595068249096348
- presse83.frhttps://presse83.fr/2026/01/11/fuites-massives-de-donnees-en-france-debut-2026/