Data leak at UGSEL
On 28 January 2026, a dataset exposing personal details of roughly 600 students linked to UGSEL — the French Catholic-schools sports federation — surfaced online, including names, gender, dates of birth and class/category information.
- Victim
- UGSEL
On 28 January 2026, UGSEL — the Union Générale Sportive de l'Enseignement Libre, the federation that organises physical education and school sport across France's Catholic (private) education network — was reported as the source of a leak exposing the personal data of around 600 students.
The dataset that circulated contained pupil records typical of a sports-licensing or competition roster. Because the affected individuals are schoolchildren, the exposure is sensitive even though no financial or authentication data appears to be involved.
Exposed data categories reportedly included:
- First name and last name
- Gender
- Date of birth
- Category (age/competition grouping)
- Class
The precise cause of the exposure — whether a compromised affiliate system, a misconfigured database, or an account compromise — was not established in the available reporting, and UGSEL has not published a detailed public statement. The scale (about 600 students) and the affected categories should be treated as preliminary pending confirmation.
Sources
- bonjourlafuite.eu.orghttps://bonjourlafuite.eu.org/#UGSEL-2026-01-28