Optic 2000: nearly 8,000 PDF invoices and franchisee data leaked
The Optic 2000 group, one of the leading networks of opticians in France, appears in a data leak published on a cybercrime forum. The
- Victim
- Optic 2000
Incidents in sector:
Retail
Camping-Car Plus: victim of a data leak, passwords exposed
The Camping-Car Plus website, specialised in selling accessories and equipment for motorhomes and camper vans, is informing its customers that it has been
- Victim
- Camping-Car Plus :
Atol Mon Opticien: 5.9 million customers exposed in a massive data leak
A large database attributed to Atol, one of the main optical groups in France, is currently being offered for sale on a forum
- Victim
- Atol Mon Opticien
Auchan Optique: more than 218,000 customers leaked after a cyberattack
A database attributed to Auchan Optique, the optical retail brand of the Auchan group, is currently circulating on a cybercrime forum.
- Victim
- Auchan Optique
Jimmy Fairly: massive leak of 357,000 customers after a cyberattack
A database attributed to Jimmy Fairly, a French eyewear chain founded in 2010, is currently being offered for sale on a forum
- Victim
- Jimmy Fairly
Ε koda: a cyberattack exposes passwords and customer data of the online store
Carmaker Ε koda, a subsidiary of the Volkswagen group, has confirmed it was the victim of an intrusion targeting its online store. According to
- Victim
- Ε koda
Woop: more than 256,000 users exposed with contact details and banking data
A database attributed to the French site woopit.fr is currently being offered for sale on a cybercriminal forum. The publication, dated 13 May
- Victim
- Woop
Kams Paris: 188,000 customer contact details and IBANs exposed after a cyberattack
A database attributed to Kams Paris is currently being offered for sale on a cybercriminal forum. The post, dated May 10, 2026,
- Victim
- Kams Paris
i-Run: the leak of 1.2 million customers does not come from their database
A hacker using the alias lowiq claims to be selling a database attributed to i-run.fr, containing about 1,223,520 records. The
- Victim
- i-Run
Smallable: nearly 700,000 children in a public data leak
The hacker ChimeraZ has published a database attributed to Smallable.com, an e-commerce site specialising in children's and family products. The
- Victim
- Smallable
French Ministry of Sports: more than 217,000 photos and sensitive data of educators leaked
A hacker using the alias Cybernox claims to be putting up for sale a database attributed to the French Ministry of Sports, Youth and
- Victim
- French Ministry of Sports
Jour de FΓͺte: 543,000 customer accounts leaked after a cyberattack
A database attributed to the site boutique-jourdefete.com, the online store of the French retailer Jour de FΓͺte, was reportedly published on a forum
- Victim
- Jour de FΓͺte
Madeindesign: 464,000 customer accounts exposed in a data leak
A database attributed to the e-commerce site Madeindesign.com has been published on a cybercrime forum by the hacker ChimeraZ, exposing
- Victim
- Madeindesign
Acrimed: online shop hit by a cyberattack
Acrimed has informed its users of a cyberattack affecting its online shop, with some personal data compromised.
- Victim
- Acrimed
MyPiscine: customer orders and accounts exposed after a cyberattack
The MyPiscine e-commerce site informs its customers that it was hit by an intrusion on 23 April 2026, resulting in unauthorised access to certain
- Victim
- MyPiscine
L'Opticienne Verte: 13,039 customers exposed after a cyberattack
The French brand L'Opticienne Verte, specialized in eco-friendly eyewear sold online, is reportedly the target of a data leak involving
- Victim
- L'Opticienne Verte
Bodyhit: 218,000 customers and 42,000 IBANs put up for sale after a cyberattack
The hacker undef claims to be selling the Bodyhit database, a French chain specialised in electrostimulation coaching studios.
- Victim
- Bodyhit
Imprimerie Nationale: leak of the software handling French secure documents
A hacker group claims to be selling internal software attributed to IN Groupe, a French public company specialized in secure documents
- Victim
- Imprimerie Nationale
JeuJouet.com: alerts customers after a cyberattack on its e-commerce site
The online retailer JeuJouet.com informed its customers by email after a cyberattack affecting the Magento e-commerce platform, used by many
- Victim
- JeuJouet.com
Moulin Roty: customer data exposed after a cyberattack
The French brand Moulin Roty alerted its customers by email following a cyberattack targeting their Magento e-commerce platform, used by many
- Victim
- Moulin Roty
Bazar du Manga: data leak confirmed after customer cold-calling
The online shop Bazar du Manga confirms a customer data leak following the unauthorised extraction of contact details from its database. In a
- Victim
- Bazar du Manga
ComptoirDuReve.fr: a leak exposes the contact details of 42,000 customers
The e-commerce site ComptoirDuReve.fr is reportedly targeted by a data leak with the release of a database containing nearly 42,000 customers. The database, at
- Victim
- ComptoirDuReve.fr
French Basketball Federation (FFBB): 1.9 million licence holders exposed in a massive leak
The HexDex group claims to be selling the personal data of the French Basketball Federation (FFBB), mentioning more than 1.9 million
- Victim
- French Basketball Federation (FFBB)
Brit Hotel: 682,000 loyalty programme members in a data leak
HexDex claims to put up for sale a database linked to Brit Hotel, a French hotel chain present across the country, following a
- Victim
- Brit Hotel
3,204 accounts affected by claimed data leak at FranceVerif.fr
FranceVerif.fr accounts are, according to the claim, affected for at least 3,204 unique people or accounts. FranceVerif.fr is an e-commerce site verification service that...
- Victim
- FranceVerif.fr
- Records
- 3.2K
Addresses of 70,000 luxury car owners exposed
A hacker known as HexDex claims to be selling a database containing more than 70,000 vehicles, along with detailed information about their
- Victim
- Addresses of 70,000 luxury car owners exposed
DB Telecom: a 40k-customer database put up for sale
A hacker claims to be selling a massive database from DB Telecom (Service Telecom), a player in the French telecommunications sector, with more than
- Victim
- DB Telecom
93,061 candidates affected by a claimed data leak at DCL
Individuals who took the DCL (DiplΓ΄me de CompΓ©tence en Langue) would be affected, according to the claim, by the sale of a file containing the personal data of 93,061β¦
- Victim
- DCL (DiplΓ΄me de CompΓ©tence en Langue)
1,133,731 members - claimed leak at French University Sport Federation
Members of the French University Sport Federation are, according to the claim, affected by a sale of their personal data by the threat actor HexDex. The...
- Victim
- French University Sport Federation
ARS: 35 million patients affected by a data leak, 130 hospitals and AP-HP targeted
The DumpSec group claims to be selling a massive database covering 35 million French citizens, presented as originating from systems linked to more than 130
- Victim
- ARS
Alltricks: more than 820,000 customer accounts for sale on the dark web
Alltricks states that it has conducted in-depth investigations across all of its databases. According to the company, the information currently being
- Victim
- Alltricks
Ledger: 105,000 French cryptocurrency holders exposed
Ledger's customer database, originating from a leak that occurred in January 2026 via the Global-e provider, is once again offered for sale on a forum
- Victim
- Ledger
Gold Union: more than 120,000 gold buyers exposed with ID documents and transactions
Gold Union, a major player in the buying and selling of gold and silver in France, is at the heart of a critical data leak involving more than 126,000
- Victim
- Gold Union
Missions Locales: more than 500,000 young people exposed following a cyberattack
A new data leak targets the Missions Locales network, with more than 506,000 profiles currently offered for sale on dark
- Victim
- Missions Locales
363,000 customers affected by data leak at Airsoft-Entrepot
Airsoft-Entrepot customers are affected by a confirmed leak impacting commercial and personal data collected by the airsoft online retail site. Nearly 363,000 peopleβ¦
- Victim
- Airsoft-Entrepot
- Records
- 363.0K
109,302 CMF members: data leak claimed
The 109,302 members of the ConfΓ©dΓ©ration Musicale de France (CMF) are reportedly affected, according to the claim. According to the elements provided, a batch put up for sale by the actor HexDex would contain theβ¦
- Victim
- ConfΓ©dΓ©ration Musicale de France (CMF)
- Records
- 109.3K
713,814 people affected by a claimed data leak at ImmoJeune
Individuals who submitted a rental application on ImmoJeune are reportedly affected, according to the claim, by the sale of their data. Nearly 714,000 files are reportedly targeted, according toβ¦
- Victim
- ImmoJeune
- Records
- 713.8K
400,000 Olympique de Marseille customers, claimed leak
Olympique de Marseille customers are reportedly affected by a claimed leak impacting nearly 400,000 people, according to the claim. The publication announces the sale of a databaseβ¦
- Victim
- Olympique de Marseille
- Records
- 400.0K
400,000 members affected by a claimed data leak at KeepCool
KeepCool members are affected by a claimed leak that would impact nearly 400,000 people. According to the claim, the batch put up for sale on February 20, 2026 on BreachForums by the actorβ¦
- Victim
- KeepCool
- Records
- 400.0K
Claimed leak at OSAC (Civil Aviation) - Ransomware - see details
People whose ID documents or other documents are held by OSAC may be affected by a claimed leak. According to the claim, the LAPSUS$ group allegedly extracted around 420β¦
- Victim
- OSAC (Civil Aviation)
1,431,906 members affected by a data leak at CFDT
CFDT members are affected by a confirmed data leak impacting more than 1.4 million records. The actor HexDex claims the sale of data of 1,431,906 members, andβ¦
- Victim
- CFDT
358,000 RΓ©glo Mobile (Leclerc) customers affected by a data leak
RΓ©glo Mobile (Leclerc) customers are affected by a confirmed leak impacting nearly 360,000 people. The database was put up for sale by the actor "84City" on 18 February 2026β¦
- Victim
- RΓ©glo Mobile (Leclerc)
- Records
- 358.0K
5.88 million customers affected in data leak at Techni-Contact
Customers of Techni-Contact, a B2B e-commerce platform, are affected by a confirmed data leak. According to the elements published, the corpus totals nearly 5.88 million linesβ¦
- Victim
- Techni-Contact
43,366 customers affected by a claimed data leak at StorePasCher
StorePasCher customers are affected by a claimed leak involving 43,366 accounts, according to the claim. The case concerns the e-commerce site StorePasCher, which offers online salesβ¦
- Victim
- StorePasCher
- Records
- 43.4K
3,691,752 customers in a claimed data leak at LBP Granville (Le Bureau de Prospection)
LBP Granville customers are reportedly affected by a data leak, according to the claim. The announced volume exceeds 3.6 million records and a sale is mentioned for January 15β¦
- Victim
- LBP Granville (Le Bureau de Prospection)
- Records
- 3.7M
115,000 customers affected by claimed leak at Audiophonics.fr
Customers of Audiophonics.fr are reportedly affected, according to the claim, by a leak involving a database announced at around 115,000 users. The site targeted is an online shopβ¦
- Victim
- Audiophonics.fr
- Records
- 115.0K
Coupang insider data breach (2025)
A former Coupang employee accessed personal data on 33.7 million customer accounts of South Korea's largest e-commerce platform. Coupang announced a $1.17 billion compensation plan; its head of Korean e-commerce resigned.
- Victim
- Coupang
- Loss
- $1.17B
- Records
- 33.7M
Asahi Group Holdings Qilin ransomware (2025)
Qilin ransomware operators encrypted servers across Asahi's Japanese data centres, halting ordering, shipment, and production at 30 factories, leaking 27 GB of internal data, and exposing personal information of approximately 1.5 million customers, employees, and contacts.
- Victim
- Asahi Group Holdings
- Loss
- $31.4M
- Records
- 1.5M
Leak at Optic 2000
title, last name, first name social security number date of birth postal address customer number phone number store concerned optician's name
- Victim
- Optic 2000
Marks & Spencer DragonForce ransomware (Scattered Spider, 2025)
Social-engineering of a third-party service desk gave Scattered Spider a domain administrator, which they used to deploy DragonForce ransomware on M&S's VMware ESXi estate at Easter 2025 β knocking out contactless payments, Click & Collect, and online ordering for over six weeks.
- Victim
- Marks & Spencer
- Loss
- $550.0M
CDK Global BlackSuit ransomware (2024)
BlackSuit operators encrypted CDK Global's dealer-management platform, knocking ~15,000 North American car dealerships offline for nearly two weeks. A second attack hit on day two of recovery. Industry losses estimated at over $1 billion; CDK reportedly paid a $25 million ransom.
- Victim
- CDK Global
- Loss
- $1.00B
Snowflake customer-account credential-stuffing campaign (UNC5537, 2024)
A threat cluster tracked as UNC5537 / ShinyHunters used credentials harvested by infostealer malware to log into ~160 Snowflake customer tenants that lacked MFA. Victims included AT&T, Ticketmaster, Santander, LendingTree, Advance Auto Parts, Neiman Marcus, and Bausch Health. Ticketmaster alone exposed data for ~560 million users.
- Victim
- Snowflake customer tenants (~160 organisations: AT&T, Ticketmaster, Santander, LendingTree, Advance Auto Parts, Neiman Marcus, Bausch Health, et al.)
- Records
- 560.0M
Indigo Books LockBit ransomware
LockBit affiliates encrypted Canada's largest bookseller, taking the website and in-store payment systems offline for weeks. Indigo publicly refused the ransom; LockBit published employee personal data.
- Victim
- Indigo Books & Music Inc.
- Loss
- $40.0M
- Records
- 5.0K
Kaseya VSA supply-chain ransomware (REvil)
REvil affiliates exploited a SQL injection zero-day in Kaseya's VSA remote-management platform to push ransomware to ~60 MSPs and through them to ~1,500 downstream organisations. The largest supply-chain ransomware attack on record.
- Victim
- Kaseya VSA customers (~60 MSPs, ~1,500 downstream organisations)
- Loss
- $200.0M
JBS Foods REvil ransomware
REvil affiliates encrypted the world's largest meat processor, shutting down beef and pork plants across the U.S., Canada, and Australia. JBS paid an $11 million ransom β one of the largest publicly-confirmed ransomware payments at the time.
- Victim
- JBS S.A. / JBS USA
- Loss
- $100.0M
British Airways Magecart card-skimming
Magecart operators injected card-skimming JavaScript into British Airways' payment page, stealing card details on 380,000 transactions over 15 days. UK ICO initially proposed a Β£183.4M GDPR fine β later reduced to Β£20M after Covid-impact mitigation arguments.
- Victim
- British Airways
- Loss
- $35.0M
- Records
- 429.0K
Target POS malware breach
Attackers entered Target via stolen credentials from an HVAC contractor, pivoted to the payment network, and stole magstripe data on 40 million credit and debit cards plus PII on 70 million customers.
- Victim
- Target Corporation
- Loss
- $292.0M
- Records
- 110.0M