Skip to content
Data breachUnknown

Data leak at Ze Camping

On 27 November 2024, a database from French camping-holiday booking platform Ze Camping (ze-camping.fr) covering 2014-2024 was advertised for sale on a darknet forum, exposing some 1.6 million records including names, logins, hashed passwords, dates of birth, phone numbers and postal addresses.

Victim
Ze Camping
records
1.6M

On 27 November 2024, Ze Camping — a French online platform for booking camping and outdoor holidays (ze-camping.fr) — was reported by cybersecurity outlet ZATAZ to have had its customer database put up for sale on a darknet marketplace. The leaked data spanned a decade of activity, from 2014 to 2024.

The seller advertised roughly 38 GB of data across 260 tables, claiming access to about 1,624,000 rows of personal data, including 1,623,000 unique email addresses and 292,000 unique phone numbers. The database was offered for around $1,000, alongside booking details, contracts and pricing information — a typical sign of a back-end database compromise rather than an isolated front-end leak.

Exposed data categories reported include:

  • First and last names
  • Account logins and hashed passwords
  • Dates of birth
  • Phone numbers and email addresses
  • Postal addresses
  • Reservation, contract and pricing records

ZATAZ stated that it alerted the affected company through its standard notification protocol, but reported receiving no response. The breach was not publicly confirmed by Ze Camping, and the scale figures originate from the seller's own claims rather than an independent forensic count, so the precise impact remains unverified.

Sources

  1. zataz.comhttps://www.zataz.com/bases-de-donnees-piratees-un-commerce-illicite-florissant-et-inquietant/
  2. bonjourlafuite.eu.orghttps://bonjourlafuite.eu.org/#Ze%20Camping-2024-11-27

Related incidents