12,143 Renault Sud-Est customers affected by a claimed data leak
On 9 February 2026, a threat actor published a claimed CRM database export from a Renault dealership network in south-eastern France (PACA), exposing roughly 12,143 customer records including names, contact details, addresses and vehicle information.
- Victim
- Renault (South-East dealership network)
- records
- 12.1K
On 9 February 2026, Renault's South-East dealership network β a group of automotive retail concessions in the Provence-Alpes-CΓ΄te d'Azur (PACA) region of France β was named in a data leak published by a threat actor on a hacking forum. The actor shared what they presented as an export of the dealership's customer relationship management (CRM) database, and claimed it covered roughly 12,143 customer records.
According to the claim, the data originated from a CRM database export rather than from any compromise of Renault's central corporate systems, pointing to an individual dealership or its IT environment as the affected source. The leak was first surfaced through breach-tracking channels; samples shared as proof indicated genuine customer files rather than fabricated data.
The exposed records reportedly included:
- Full names and customer identities
- Postal addresses
- Email addresses
- Telephone numbers
- Vehicle-related details (such as models and registration data)
The figures and scope rest on the threat actor's own claims and the samples they published, and had not been independently confirmed by Renault or its dealership group at the time of reporting. No ransom demand, attribution, or official statement was confirmed, and the status of the incident β including any notification to affected customers or France's data-protection authority (CNIL) β remains unknown.
Sources
- fuitesinfos.frhttps://fuitesinfos.fr/article/2026-02-09-renault-reseau-de-concessions-sud-est
- frenchbreaches.comhttps://frenchbreaches.com/blog/plus-de-15-millions-de-personnes-apparaitraient-dans-une-fuite-de-donnees-touchant-le-secteur-automobile