Collège de France: more than 1,600 researchers, teachers and internal documents leaked
New information from the leak attributed to the Collège de France shows the presence of a large tree of internal files
- Victim
- Collège de France
Incidents in sector:
Education
Académie de Montpellier: sensitive document leak after a cyberattack
The MedusaLocker ransomware group claims to have compromised systems linked to the Académie de Montpellier / CSJM and is threatening to publish documents
- Victim
- Montpellier education authority
Instructure Canvas LMS ShinyHunters breach (2026)
ShinyHunters exploited Canvas's Free-For-Teacher account programme to exfiltrate 3.65 TB of data spanning approximately 275 million users across nearly 9,000 schools — names, email addresses, student IDs, and some private messages between students and teachers. Instructure reportedly paid the ransom and the data was destroyed.
- Victim
- Instructure (Canvas LMS)
- Loss
- $10.0M
- Records
- 275.0M
Académie de Paris: more than 5,000 contact records and student photos leaked
A hacker operating under the pseudonym Cybernox claims to hold and distribute a database linked to the Académie de Paris, containing personal information
- Victim
- Paris education authority
Académie de Nice: personal data of teachers and staff leaked
A database linked to the Académie de Nice is reportedly being distributed online, containing information on French Ministry of Education staff.
- Victim
- Nice education authority
5,022 records from Lycée Carnot Paris: claimed data leak
Students, their parents and staff at Lycée Carnot Paris could be affected by the disclosure of approximately 5,022 user records. According to the claim, these records were reportedly…
- Victim
- Lycée Carnot Paris
1,150 people affected by a data leak at Notre-Dame des Dunes
Pupils and staff of the Collège-Lycée Notre-Dame des Dunes in Dunkirk are affected by a confirmed data leak, impacting around 1,150 people. The incident mainly concerns…
- Victim
- Collège-Lycée Notre-Dame des Dunes (Dunkerque)
- Records
- 1.1K
553 Collège Saint-Charles pupils affected by a data leak
The 553 pupils who are members of the Sports Association of Collège Saint-Charles (Guipavas/Brest) are affected by a confirmed data leak. The information uncovered comes, according to…
- Victim
- Collège Saint-Charles (Guipavas/Brest)
KADOKAWA / Niconico BlackSuit ransomware (2024)
Phishing access let BlackSuit (Russian-linked) encrypt KADOKAWA's infrastructure and the Niconico video-sharing platform, taking services offline for two months. KADOKAWA paid ~$2.9M in cryptocurrency — and BlackSuit leaked the stolen 1.5 TB anyway.
- Victim
- KADOKAWA Corporation
- Loss
- $2.9M
- Records
- 254.2K
British Library Rhysida ransomware (2023)
Rhysida ransomware operators destroyed servers, demanded ~£600,000, and leaked 600 GB of internal data when the British Library refused to pay. The main catalogue did not return online — read-only — until January 2024. Recovery is consuming 40% of the Library's financial reserves.
- Victim
- British Library
- Loss
- $8.5M
MOVEit Transfer mass exploitation (Cl0p)
Cl0p exploited CVE-2023-34362 in Progress Software's MOVEit Transfer to mass-extort over 2,700 organizations, including the BBC, British Airways, and the U.S. Department of Energy.
- Victim
- Progress Software MOVEit Transfer (2,700+ downstream)
- Loss
- $12.15B
- Records
- 95.0M
Maastricht University Clop ransomware (Netherlands, 2019)
TA505 used Clop ransomware to encrypt 267 Maastricht University servers over Christmas 2019 after two phishing emails on 15–16 October had compromised the network. The university paid 30 BTC (~$220,000). The ransom Bitcoin — later seized from a money mule — was returned and had appreciated, leaving the university ahead by ~$300,000.
- Victim
- Maastricht University
- Loss
- $220.0K