Skip to content
Supply chainContained

358,000 Réglo Mobile (Leclerc) customers affected by a data leak

On 18 February 2026, Réglo Mobile — the E.Leclerc/SFR-backed mobile virtual operator — disclosed that a subcontractor breached from 13 February exposed data on about 358,000 customers, including identity, contact details, dates of birth, PUK codes, call records and partial banking data, with the database offered for sale by actor "84City".

Victim
Réglo Mobile (Leclerc)
records
358.0K

On 18 February 2026, Réglo Mobile — the low-cost mobile virtual network operator (MVNO) backed by E.Leclerc and run on the SFR network — notified its customers of a data breach affecting roughly 358,000 subscribers.

The incident did not originate in Réglo Mobile's own systems but in those of one of its subcontractors. According to the operator, an attacker gained access to the third-party provider's environment starting around 13 February 2026 and exfiltrated data tied to customer accounts. Réglo Mobile said it was alerted a few days later, patched the exploited vulnerability, and contained the incident within hours of detecting it. Shortly afterwards, an actor using the handle "84City" advertised and put up for sale a database of more than 358,000 Réglo Mobile customers on a cybercrime forum.

The exposed data covered a broad range of personal information:

  • Full names and dates of birth
  • Postal and email addresses
  • Phone numbers
  • PUK codes and communication/call records
  • Partial banking data (truncated IBANs and masked card numbers)

Réglo Mobile stressed that account passwords were not affected and that the partial banking details could not, on their own, enable direct fraudulent transactions. However, security observers warned that the combination of identity, contact and line data creates a significant risk of targeted phishing, fraud and SIM-swapping attacks, and customers were urged to remain vigilant against unsolicited messages and account-takeover attempts.

Sources

  1. fuitesinfos.frhttps://fuitesinfos.fr/article/2026-02-18-reglo-mobile-leclerc
  2. solutions-numeriques.comhttps://www.solutions-numeriques.com/reglo-mobile-fuite-de-donnees-chez-loperateur-mobile-virtuel-du-groupe-e-leclerc/
  3. alloforfait.frhttps://alloforfait.fr/mobile/news/149595-fuite-de-donnees-chez-reglo-mobile-358-000-clients-potentiellement-exposes-attention-aux-arnaques-et-au-sim-swapping.html
  4. generation-nt.comhttps://www.generation-nt.com/actualites/reglo-mobile-fuite-donnees-cyberattaque-2071242

Related incidents

Supply chainContained

Leak at Alan (via Almerys)

On 23 May 2026, French digital health insurer Alan warned members that a cyberattack on its third-party claims processor Almerys had exposed their personal data — names, dates of birth, social security numbers and insurance contract details — though payment, password and health data were spared.

Victim
Alan