Skip to content
Data breachContained

Université Aix-Marseille: an internal data leak targeting students and staff

On 22 April 2026 the group LunarisSec claimed a data leak from France's Université Aix-Marseille, posting screenshots of internal user lists with names, institutional emails and profile data for students, doctoral candidates, interns and staff; the university cut its network and said systems and data integrity were preserved.

Victim
Université Aix-Marseille

On 22 April 2026, Université Aix-Marseille — one of France's largest public universities, based in Marseille — became the latest higher-education institution to be hit by the threat group LunarisSec, which publicly claimed a leak of internal data concerning students, doctoral candidates, interns and staff.

To back its claim, the group circulated screenshots that appeared to show internal user lists drawn from a university directory or platform. The exposed material reportedly included:

  • Full names (first and last)
  • Institutional email addresses
  • University profile details (first connection date, last activity, language preference, view/interaction counts)
  • References to academic fields, programmes and laboratories

The university said its monitoring systems detected the intrusion in time and that it cut off its entire network in response, stating that the integrity of its systems and data had been preserved. The exact scope of the leak was not officially confirmed, and no precise record count was published.

LunarisSec, described in French reporting as an Algerian hacktivist group, ran a wider campaign against French universities in this period, with claimed breaches at the Université de Bourgogne and the Université de Toulouse around the same time. Such exposures of names and institutional emails raise the risk of targeted phishing, identity theft and follow-on compromises. As of disclosure the incident is considered contained, with the authenticity and full scale of the leaked data still to be independently verified.

Sources

  1. cyberattaque.orghttps://www.cyberattaque.org/universite-aix-marseille-une-fuite-de-donnees-detudiants-revendiquee/
  2. kulturegeek.frhttps://kulturegeek.fr/news-280780/luniversite-aix-marseille-lobjet-dune-cyberattaque-importante
  3. fdesouche.comhttps://www.fdesouche.com/2026/04/27/les-universites-de-toulouse-31-de-bourgogne-21-et-daix-marseille-13-piratees-par-le-groupe-de-hackers-algerien-lunarissec-les-donnees-compromises-seraient-les-noms-prenoms-et-adres/

Related incidents