108,000 Syma Mobile customers: claimed data leak
On 20 January 2026, a database of around 108,000 customers of French mobile virtual operator Syma Mobile was offered for sale on a dark-web forum, exposing names, dates of birth, postal and email addresses, phone numbers and copies of identity documents.
- Victim
- Syma Mobile
- records
- 108.0K
On 20 January 2026, Syma Mobile — a French mobile virtual network operator (MVNO) — was named in a dark-web listing offering a database of roughly 108,000 of its customers for sale. The dataset had first surfaced on a hacking forum in late 2025, and its republication in January 2026 renewed concern over the exposure of subscriber identity records.
The threat actor, posting from a recently created account, published sample excerpts to substantiate the claim. The attack vector was not confirmed; the data is consistent with information held in an operator's subscriber-management and KYC (identity-verification) systems, but no intrusion method was established and the leak remains a claim rather than a confirmed breach.
The exposed data reportedly included:
- First and last names
- Dates of birth
- Postal addresses
- Email addresses
- Mobile phone numbers
- Identity-document numbers (national ID card or passport), with some samples including scanned identity documents
Syma Mobile did not publicly acknowledge a security incident, and the breach was not independently confirmed by the company or a regulator. The listing appeared alongside databases attributed to other French organisations, suggesting it was part of a broader wave of stolen-data sales. The status of the incident and any notification to affected customers or the CNIL remain unknown.
Sources
- fuitesinfos.frhttps://fuitesinfos.fr/article/2026-01-20-syma-mobile
- clubic.comhttps://www.clubic.com/actualite-577542-alerte-cybersecurite-des-bases-de-donnees-d-alain-afflelou-de-syma-mobile-et-du-snu-mises-en-vente-sur-le-dark-web.html