Skip to content
Data breachOngoing

1,178 records exposed, data leak at Pompes Funèbres Musulmanes Toulouse

On 15 April 2026, Pompes Funèbres Musulmanes Toulouse, an Islamic funeral provider, suffered a data leak claimed by an actor known as "ntmpd" who posted a 1,178-record database dump plus working admin credentials on a hacker forum, exposing client and deceased records.

Victim
Pompes Funèbres Musulmanes Toulouse
records
1.2K
SectorOther

On 15 April 2026, Pompes Funèbres Musulmanes Toulouse — an Islamic funeral and burial service provider based in Toulouse, France — was hit by a data leak claimed by a threat actor operating under the alias "ntmpd". The actor advertised a stolen database dump of roughly 1,178 records on a hacker forum (reported as PwnForums), boasting that the exfiltration had been carried out very quickly, capturing the "essentials" of the backend.

The leak is especially sensitive because it combines a customer/case database with working administrative credentials (an unencrypted backend login and password), giving anyone who obtained them potential full control of the provider's management system.

Exposed data categories reported include:

  • First and last names of clients and bereaved families, and records relating to the deceased
  • Email addresses and mobile phone numbers
  • Postal addresses drawn from service invoices
  • Financial / transaction details tied to funeral arrangements
  • Religious and cultural context implied by the nature of the service
  • Administrative login credentials for the provider's backend

As a small French funeral operator handling deeply personal bereavement data, the firm falls under GDPR and CNIL oversight, and the combination of leaked personal data with live admin access raises a real risk of fraud and impersonation targeting grieving families. As of reporting, the data and credentials remained exposed on the forum and no public remediation or formal company statement had been confirmed, so the incident is treated as ongoing.

Sources

  1. fuitesinfos.frhttps://fuitesinfos.fr/article/2026-04-15-pompes-funebres-musulmanes-toulouse
  2. brinztech.comhttps://www.brinztech.com/breach-alerts/brinztech-alert-pompes-funebres-musulmanes-toulouse-admin-data-leak
  3. brinztech.comhttps://www.brinztech.com/breach-alerts/brinztech-alert-pompes-funebre-musulmanes-toulouse-admin-access-database-leak

Related incidents

Data breachOngoing

Leak at La France Insoumise

In May 2026, France's La France Insoumise party had data from its Action Populaire activist platform stolen and posted on a hacking forum, exposing some 120,000 email addresses, 20,000 phone numbers, postal addresses and member activity spanning 2017-2026.

Victim
La France Insoumise