Skip to content
Supply chainContained

Data leak at Safran Group: supply chain exposed

In February 2026, a database tied to French aerospace and defense group Safran surfaced on a hacking forum, exposing roughly 718,716 order records — names, emails, phone numbers, ERP references and logistics data — leaked through a third-party provider rather than Safran's own systems.

Victim
Safran Group
records
718.7K

On 10 February 2026, Safran Group — the French multinational in aerospace, defense and security — became the subject of a data leak after a threat actor using the name "Spirigatito" posted a database tied to the company on a hacking forum. Safran publicly disputed having been hacked, stating that no intrusion into its own systems took place and that the records originated from an accidental exposure at a third-party provider in its supply chain.

The leaked sample reportedly contained around 718,716 order records, with broader claims of more than a million rows of operational data. Researchers assessed that the data was most likely pulled from a compromised supplier portal or ERP subsystem, since Safran appears throughout the records as the customer rather than the breached party. Business partners and carriers referenced in the data reportedly included airlines such as Air France and China Southern.

Exposed data categories reportedly included:

  • Order details and ERP/internal references
  • Names, email addresses and phone numbers of business contacts
  • Account numbers and supplier codes
  • Part descriptions
  • Shipping, carrier and delivery/logistics information

Safran said the exposure was identified and contained quickly, that the affected database held only "non-strategic" information, and that it had notified the relevant authorities and its partners. The company reported no operational disruption resulting from the incident.

Sources

  1. fuitesinfos.frhttps://fuitesinfos.fr/article/2026-02-10-safran-group
  2. cybernews.comhttps://cybernews.com/security/safran-group-france-alleged-data-leak/
  3. scworld.comhttps://www.scworld.com/brief/cyberattack-refuted-by-safran-group-after-alleged-data-leak

Related incidents

Supply chainContained

Leak at Alan (via Almerys)

On 23 May 2026, French digital health insurer Alan warned members that a cyberattack on its third-party claims processor Almerys had exposed their personal data — names, dates of birth, social security numbers and insurance contract details — though payment, password and health data were spared.

Victim
Alan