Timeline of cyberattacks
Every catalogued incident, plotted by disclosure date.
2026
490 incidents1,528 contacts at Nature & Cie, claimed leak
Nature & Cie's business contacts are affected by a claimed leak. According to the claim, the database in question mainly targets a B2B scope: business contacts…
Eyguières town hall paralyzed by ransomware
Eyguières town hall, a commune of about 7,000 inhabitants located in the Alpilles, was the victim of a ransomware cyberattack on Friday, May 22, 2026.
Les Embruns d'Oléron: data of 1,800 campsite holidaymakers exfiltrated
The Les Embruns d'Oléron campsite, a 4-star establishment located at Château-d'Oléron on the island of Oléron, appears in a new leak published on a
Optic 2000: nearly 8,000 PDF invoices and franchisee data leaked
The Optic 2000 group, one of the leading networks of opticians in France, appears in a data leak published on a cybercrime forum. The
Leak at Alan (via Almerys)
Name, first name date of birth Birth order Social security number Contract number Insurer's name Insurer's contract number Coverage start and end dates
18,140 people affected by claimed leak at AVEA Vacances
Families who booked or participated in youth stays with AVEA Vacances are affected, according to the claim, by a claimed leak. According to the announcement, nearly 18,000 people…
Avea Vacances hit by a cyberattack: 46,000 stay records exposed
The dark series of cyberattacks against tourism by ChimeraZ continues with the Avea Vacances association, specializing in summer camps and
Camping-Car Plus: victim of a data leak, passwords exposed
The Camping-Car Plus website, specialised in selling accessories and equipment for motorhomes and camper vans, is informing its customers that it has been
Delko, ongoing cyberattack and extortion.
A data leak targeting Delko, a French network of garages and car maintenance centres, is currently being claimed by the cybercriminal group LAPSUS$, known for its extortion operations…
Largo hit by a cyberattack: customer and order data leaked
The French high-tech refurbishment specialist Largo informs its customers that it was the victim of a security incident that affected part of
Almerys at the heart of a massive leak of 15 million social security numbers
A database attributed to Almerys, a major player in third-party payment and health data flow management in France, is currently being offered on
Atol Mon Opticien: 5.9 million customers exposed in a massive data leak
A large database attributed to Atol, one of the main optical groups in France, is currently being offered for sale on a forum
5,924,215 Atol customer records: claimed data leak
Atol customers are reportedly affected by a claimed leak impacting nearly 5.9 million records, according to the claim. Atol is a French cooperative of opticians founded in 1970, which…
Auchan Optique: more than 218,000 customers leaked after a cyberattack
A database attributed to Auchan Optique, the optical retail brand of the Auchan group, is currently circulating on a cybercrime forum.
Jimmy Fairly: massive leak of 357,000 customers after a cyberattack
A database attributed to Jimmy Fairly, a French eyewear chain founded in 2010, is currently being offered for sale on a forum
Data leak at the Haute-Garonne departmental digital media library
Users of the Haute-Garonne departmental digital media library are affected by a security incident confirmed by the media library, which impacts some of their data. The…
Leak at the Haute-Garonne Departmental Council digital media library
First and last name, email address, date of birth, city of residence, login history, credentials
Move Up Formation hacked: database, source code and administrator access leaked
The moveup-formation.fr site, specialized in professional training, appears in a new leak published on a cybercrime forum. The
Data leak at Nemea Groupe confirmed by the company
People who submitted a rental application to Nemea Groupe are affected by a data leak confirmed by the company. Nemea states in an email sent to those affected…
23,685 records: claimed leak at ATOA
Customers and users of ATOA, a real estate investment service, could see their data exposed, according to the claim. The announced file is said to contain rows linked to accounts…
McDonald's hit by a cyberattack: loyalty accounts used without customers' knowledge
McDonald's France has confirmed being the victim of a security incident that led to fraudulent access to accounts of the loyalty program of
GitHub hit by a cyberattack, nearly 4,000 internal private repositories leaked
GitHub, the development platform used by millions of developers worldwide, confirmed having been the victim of a cyberattack that
99,671 people: claimed data leak at Lagrange Vacances
Vacances-Lagrange.com customers and participants are targeted by a claimed data leak, according to the claim of May 19, 2026. The announced file would reportedly concern nearly 100,000 people…
Leak at Maeva
First and last name, phone number, date of birth, booking number, date and location of stay
Groupe CRIT: HR documents and ID papers from a Tunisian subsidiary exposed
The French group CRIT, a specialist in temporary work, recruitment and airport services, appears on the leak site of the group
MediaVacances: 256,000 invoices exposed in a data leak
The MediaVacances site, a French platform specialized in peer-to-peer vacation rentals, is the subject of a major data leak
Gîtes de France: 389,000 customers' bookings in a data leak
The Gîtes de France network, a historic player in vacation rentals and rural tourism in France, confirmed having been the victim of an incident of
Transitions Pro Centre-Val de Loire: tens of GB of data threatened after a ransomware attack
Transitions Pro Centre-Val de Loire, an organisation responsible for supporting employees in their professional retraining projects, is targeted by a
Djaboo: more than 25 GB of sensitive internal files published after a cyberattack
A significant volume of data attributed to the djaboo.com site was published on a cybercriminal forum on 15 May 2026. The hacker behind the leak
Pierre & Vacances: 4.5 million holidaymakers exposed in a massive data leak
The French group Pierre & Vacances-Center Parcs has acknowledged being the victim of a security incident that led to the exposure of data
OpenAI: internal data compromised after installation of the booby-trapped TanStack library
OpenAI has confirmed that it was hit by a cyberattack linked to the compromise of TanStack npm, an open-source library widely used in
4.5 million Pierre & Vacances-Center Parcs customers, data leak
Pierre & Vacances-Center Parcs customers are affected by a data leak confirmed by the group, linked to the La France du Nord au Sud booking platform, used in particular for…
Collège de France: more than 1,600 researchers, teachers and internal documents leaked
New information from the leak attributed to the Collège de France shows the presence of a large tree of internal files
EFC Formation: a massive leak exposes 60,000 administrative documents and 49,000 students
The hacker ChimeraZ claims to have compromised data from efcformation.com, the website of the École Française de Comptabilité (EFC Formation). Two
FFMOTO: 2.3 million French motorcyclists exposed in a data leak
The hacker lazasec123 claims to have obtained a database containing nearly 2.3 million profiles associated with French motorcycle licences linked to FFMOTO.org.
422 email addresses exposed in a claimed data leak at Union-prof.asso.fr
Members and professional contacts linked to Union-prof.asso.fr are affected. According to the claim, a database containing files describing documents and access traces would have exposed…
A.R.Ge.Co: accounting and financial data leaked after a cyberattack
The Anubis ransomware group claims to have compromised the systems of A.R.Ge.Co, a French company specializing in accounting services and
Akitatek: data on nearly 5,500 customers leaked after a cyberattack
The hacker using the pseudonym ChimeraZ claims to have compromised a database linked to the French site Akitatek.fr. The publication appeared on the 13
Foxconn Nitrogen ransomware breach (2026)
The Nitrogen ransomware group claimed on its dark-web leak site that it had stolen over 11 million files from Foxconn's North American facilities, including confidential information belonging to customers Apple, Dell, Google, Intel, Nvidia, and Sony. Foxconn said affected factories were resuming normal production.
Le Domaine des Tournels targeted by a cyberattack
The Qilin ransomware group claims to have compromised the systems of Le Domaine des Tournels, an establishment located in the Gulf of Saint-Tropez. At this
Mistral AI: 450 private repositories and 5 GB of internal code threatened with release after a cyberattack
A hacker going by the name TeamPCP claims to hold a significant quantity of internal data belonging to Mistral AI, the French startup
Škoda: a cyberattack exposes passwords and customer data of the online store
Carmaker Škoda, a subsidiary of the Volkswagen group, has confirmed it was the victim of an intrusion targeting its online store. According to
Woop: more than 256,000 users exposed with contact details and banking data
A database attributed to the French site woopit.fr is currently being offered for sale on a cybercriminal forum. The publication, dated 13 May
Data leak at Best Western Hotels - customer reservations accessed
Best Western Hotels customers are affected by a data leak confirmed by the company. Unauthorised access identified on 22 April 2026 resulted in the consultation, between 14 October…
CalendrIDEL: data of 1,400 self-employed nurses publicly disclosed
Data attributed to CalendrIDEL, a French platform for self-employed nurses, was published on a cybercrime forum on 11 May
CARMF: 2.4 million doctor records leaked after a cyberattack
An actor using the pseudonym lazasec claims to have compromised the CARMF (Caisse Autonome de Retraite des Médecins de France) website and extracted nearly
Data leak at Enercoop after account compromise
Enercoop customers, prospects and members are affected by a confirmed data leak. Enercoop identified the incident on 11 May 2026 and indicates that it led to the sending of messages…
La Boîte Immo: profiles and real estate documents released after a cyberattack
The hacker ChimeraZ claims to hold data linked to La Boîte Immo, a French company specialized in software and digital services for
6,410 LuxTrust accounts linked to Thales: claimed leak
LuxTrust accounts linked to Thales are reportedly affected by a leak, according to the claim published on May 12, 2026. The announced batch reportedly contains several thousand user accounts and nearly…
Nuhanciam: over 156,000 customers exposed in a leak targeting the cosmetics brand
A database attributed to Nuhanciam is currently circulating on a cybercrime forum. The publication mentions more than 156,000 customer records
Roubaix: the Kiosque famille suspended after a data leak concerning schoolchildren
The Town of Roubaix has announced that it was the victim of a security incident affecting the Kiosque famille of the Education service, a platform used
Thales: thousands of employee records released publicly on a cybercriminal forum
A hacker using the pseudonym ChimeraZ claims to have compromised a database associated with French group Thales. The publication appeared on
Kams Paris: 188,000 customer contact details and IBANs exposed after a cyberattack
A database attributed to Kams Paris is currently being offered for sale on a cybercriminal forum. The post, dated May 10, 2026,
Leak at Once for all (via Actradis)
Last name, first name Email address Phone number
Leak at La France Insoumise
Last name, first name Email address Postal address Profile information Group or event participations
765 users affected by claimed leak at Média31
Users of the Média31 digital media library are reportedly affected by a claimed leak, according to the claim published on May 9, 2026. Nearly 800 user accounts appear in the sample…
Monservicederemplacement.fr: nearly 185,000 people exposed in a sensitive data leak
A database attributed to Monservicederemplacement.fr, a platform linked to Service de Remplacement France, is currently circulating online after a
Arsène Valentin: customer data exposed after malicious code was injected on the site
French brand Arsène Valentin informed its customers that it has detected malicious code on its website, potentially
812,000 Boulangerie Ange customers affected by a data leak
The 812,000 customers of Boulangerie Ange are affected by a data leak confirmed by the company. The leak had been announced on 29 April 2026 by "odelpaso". Boulangerie Ange is presented…
Soprolux: banking documents and customer data released after a cyberattack
The ransomware group BravoX claims a cyberattack against Soprolux, a company specialising in food distribution for
West Pharmaceutical: the Nouvion-en-Thiérache plant paralysed by a cyberattack
The West Pharmaceutical plant located in Nouvion-en-Thiérache, in the Aisne department, has been severely disrupted for several days following a cyberattack having
Académie de Montpellier: sensitive document leak after a cyberattack
The MedusaLocker ransomware group claims to have compromised systems linked to the Académie de Montpellier / CSJM and is threatening to publish documents
Action Populaire: data linked to La France Insoumise activists leaked
A hacker operating under the pseudonym fuzzeddffmepg claims to have compromised Action Populaire, the community platform used by La France Insoumise
Leak at Bilov
Claimed data leak concerning Bilov.
Leroy Merlin: more than 367,000 customers exposed in a leak linked to the Leroy&moi program
The hacker using the alias Lagui claims to hold a database attributed to Leroy Merlin France. The post appeared on May 6, 2026 on
BookMyName: a cyberattack compromised data linked to domain names
French registrar BookMyName informed some of its customers of a security incident detected on 5 May 2026, after the identification of
Cetelem: customer email addresses exposed after a cyberattack
Cetelem has confirmed being the victim of a cyberattack that occurred on 20 April 2026, which resulted in the exposure of email addresses belonging to some
Erla Technologies: a data leak claimed by a ransomware group
The ransomware group SpaceBears claims to hold data from Erla Technologies SAS, a French company specialising in equipment related
Newdeal Institut: a database exposed with passwords and sensitive documents
A database attributed to Newdeal Institut, a language training centre, has been published on a cybercrime forum by a hacker posing as
Quiberon: municipal services disrupted after a cyberattack
The Town of Quiberon was hit by a cyberattack that took place on 3 May 2026, impacting part of its IT system. The incident was
220 candidates in data leak at Auto École du Lys
The 220 candidates of Auto École du Lys are affected by a confirmed data leak. The exposed files are very recent, with exam dates extending up to April 2026, and according to…
428 candidates of Auto École du Moulin affected by a data leak
Candidates of Auto École du Moulin (La Rochelle) are affected by a data leak that exposes 428 people. The implicated files cover the history of driving license examinations…
1,556 candidates: data leak at École de conduite Vincent
Candidates of École de conduite Vincent, in Ancenis-Saint-Géréon, are affected by a confirmed data leak. About 1,600 people are reported to have their information exposed, according to the…
École de Psychologues Praticiens: student database exposed in a massive leak
An actor going by the alias Spirigatito claims to be publishing a massive archive attributed to Psycho-Prat, including a database and documents
Groupe CGA: 65,000 customers and 2,500 employees included in a data leak
The DumpsecV2 group claims to hold a database attributed to Groupe CGA, a major player in automotive distribution in France. Groupe CGA
67,500 Groupe GCA customers affected by a claimed data leak
Customers of Groupe GCA, a network of car dealerships, are reportedly affected by a claimed leak impacting nearly 67,500 people, according to the claim. The Dumpsec collective states…
i-Run: the leak of 1.2 million customers does not come from their database
A hacker using the alias lowiq claims to be selling a database attributed to i-run.fr, containing about 1,223,520 records. The
La Redoute: a logistics database of 96,000 customers tied to deliveries leaked
A hacker using the alias Lagui claims to have posted online a database attributed to La Redoute, resulting from scraping carried out on several
Smallable: nearly 700,000 children in a public data leak
The hacker ChimeraZ has published a database attributed to Smallable.com, an e-commerce site specialising in children's and family products. The
Actradis: 82,000 business customers and 222,000 internal tracking records leaked
A hacker going by the name Lagui has published a database attributed to Actradis, a French platform used for the management and distribution
Clinique Ambroise Paré Beuvry: also a victim of a cyberattack
The Ambroise Paré clinic in Beuvry says it was the victim of a cybersecurity incident on 21 April 2026, according to a communication published on 30
Leak at French Basketball Federation
First name, last name Date of birth Postal address Email address Phone number License number Club
Leak at Interrail
Last name, first name Email address Postal address Phone number Passport number, issue date, expiry date Travel companions
Profil Search: over 100,000 candidate profiles exposed in a data leak
The hacker Lagui has published a database attributed to Profil Search. The publication mentions a file containing around 100,642 complete entries.
French Ministry of Sports: more than 217,000 photos and sensitive data of educators leaked
A hacker using the alias Cybernox claims to be putting up for sale a database attributed to the French Ministry of Sports, Youth and
ObjetRama: over 80,000 customers exposed in a 209,000-row leak
The hacker going by the name ChimeraZ has published a database attributed to ObjetRama.fr, specialising in promotional items. The database
Service Civique: contacts from public and association organisations published after a cyberattack
A hacker has put online a database attributed to service-civique.gouv.fr, the official platform of France's Service Civique programme. A few days
Faco Paris: more than 11,000 sensitive documents, IBANs and source code exposed in a leak
A hacker claims to have compromised the systems of Faco Paris, a higher education institution, and released an archive of about 12 GB containing
Instructure Canvas LMS ShinyHunters breach (2026)
ShinyHunters exploited Canvas's Free-For-Teacher account programme to exfiltrate 3.65 TB of data spanning approximately 275 million users across nearly 9,000 schools — names, email addresses, student IDs, and some private messages between students and teachers. Instructure reportedly paid the ransom and the data was destroyed.
Jour de Fête: 543,000 customer accounts leaked after a cyberattack
A database attributed to the site boutique-jourdefete.com, the online store of the French retailer Jour de Fête, was reportedly published on a forum
67,767 La Pizza de Nico customers - claimed data leak
La Pizza de Nico customers, nearly 68,000 people, are reportedly affected by a data leak according to the claim. According to the announcement, a database of 67,767 customers was reportedly published and…
Madeindesign: 464,000 customer accounts exposed in a data leak
A database attributed to the e-commerce site Madeindesign.com has been published on a cybercrime forum by the hacker ChimeraZ, exposing
ADEMI: cyberattack on an agricultural weighing system
A database attributed to ADEMI, an agricultural weighing system, is currently circulating online, exposing sensitive information related to
Ankama: customer contact details exposed after a cyberattack
French video game publisher Ankama informs its users that it has been the victim of a cyberattack that led to unauthorized access to certain
AQUAES: contact details of environmental consulting firms exposed
A database attributed to AQUAES, a directory of environmental consulting firms, is currently circulating online, exposing contact details of
374 customers affected by a data leak at Deltadore
Deltadore customers registered on the professional training site formation-pro.deltadore.fr are affected by a data leak impacting at least 374 people. The company notified…
Yomoni contests the data leak involving 443,000 customers
A hacker claims to have obtained a database linked to Yomoni, a French online savings management platform, with more than 443,000
Acrimed: online shop hit by a cyberattack
Acrimed has informed its users of a cyberattack affecting its online shop, with some personal data compromised.
Aréli: some of its partners exposed after a cyberattack
The Lille-based Aréli association reports having suffered a cyberattack on 12 January, according to a letter sent to partner organizations. The body
Campus France: 18,000 applications exposed after a leak targeting a public service
The hacker ChimeraZ claims to have published a partial database from toucan.campusfrance.org, a service attached to Campus France, with about 18
Saint-Étienne: city hit by a cyberattack through its ticketing provider
The Town of Saint-Étienne and Saint-Étienne Métropole report a security incident affecting their ticketing provider. Following this
MyPiscine: customer orders and accounts exposed after a cyberattack
The MyPiscine e-commerce site informs its customers that it was hit by an intrusion on 23 April 2026, resulting in unauthorised access to certain
Bordeaux Métropole: leak of 11,000 tourist tax filers and tourist rental addresses
A hacker claims to publish a partial database attributed to the taxedesejour.bordeaux.metropole.fr portal, a service used to manage the tourist tax
Exclusive Networks: cyberattack at a key player in cybersecurity solutions
The ransomware group Qilin claims to have compromised the systems of Exclusive Networks, an international player specialised in the distribution of
L'Opticienne Verte: 13,039 customers exposed after a cyberattack
The French brand L'Opticienne Verte, specialized in eco-friendly eyewear sold online, is reportedly the target of a data leak involving
Université de Toulouse: students and staff exposed after a cyberattack
The group going by the name LunarisSec claims to have attacked Université de Toulouse and releases screenshots presented as coming from a
French Ministry of Ecological Transition: more than 1,000 staff accounts compromised
A hacker claims to have compromised accounts tied to the Ministry of Ecological Transition, with the publication of a database containing 1,154 profiles
National Gendarmerie: nearly 60,000 gendarmes exposed after the Resana leak was republished
The hacker Angel_Batista claims to hold the data of 59,000 members of the National Gendarmerie. According to his publication, however, this is not
Sejourneur.com: 53,000 bookings and thousands of invoices in a data leak
The hacker ChimeraZ has put online the database of Sejourneur.com, a platform specialising in the management of stays and seasonal rentals. The
Adele.org: leak of 261,000 student housing files with ID cards and passports
The hacker ChimeraZ claims to be publishing the database of Adele.org, a platform specializing in student housing. The claimed leak reportedly concerns
Leak at Céram Décor
Surname, first name; email address; phone number; postal address; hashed password
86,683 teachers affected by a data leak at IFprofs
Teachers registered on IFprofs are affected by a confirmed data leak, impacting nearly 87,000 accounts. IFprofs is a collaborative network for French teachers, used to…
Agence de services et de paiement (ASP): sensitive data leak, social security numbers and IBANs exposed
The Agence de services et de paiement (ASP), the public body responsible for paying out many state benefits, has confirmed a security incident that
Leak at Agence Nationale des Fréquences
Name, first name Postal address Phone number Email address Date of birth
ANFR: 330,000 users of the Radiomaritime service affected after a cyberattack
The Agence Nationale des Fréquences (ANFR), the public authority responsible for managing the radio spectrum in France, has been the victim of a cyberattack
STOR Solutions: a hacker claims access to 120,000 UPS units and the datacenter's systems
A hacker claims to have compromised the infrastructure of the STOR datacenter, presented as hosting cloud services as well as technical systems linked
Data leak at Système U
First name, last name Professional status Email address Postal address Phone number Loyalty card number
Bodyhit: 218,000 customers and 42,000 IBANs put up for sale after a cyberattack
The hacker undef claims to be selling the Bodyhit database, a French chain specialised in electrostimulation coaching studios.
France Titre (ANTS): the leak would be much larger than 12 million accounts
New revelations are reigniting the France Titres / ANTS case. After an initial publication mentioning up to 18 to 19 million accounts,
La Mie Câline Biscarrosse: data and administrator access released publicly
A hacker claims to have compromised the internal site of La Mie Câline in Biscarrosse, with publication of a local database as well as credentials
Parcoursup: data leak of 705,000 applicants after fraudulent access in Occitanie
The French Ministry of Higher Education, Research and Space has revealed a security incident affecting the data of certain applicants
Wazari: customer data leaked after the Assuréa cyberattack
Insurance broker Wazari is informing its customers of a security incident linked to an external attack that affected a management and storage tool
Rituals: customer personal data leaked after a cyberattack
Rituals, an international brand specialising in cosmetics, home fragrances and wellness products, has informed its customers by email of an incident
Université Aix-Marseille: an internal data leak targeting students and staff
Université Aix-Marseille is in turn allegedly targeted by a cyberattack, claimed by a group going by the name LunarisSec. This announcement
EDF: alarming leak of images of French nuclear power plants
A hacker claims to have 6 GB of images related to several French nuclear power plants operated by EDF, following a claim published on a forum
Engie: a cyberattack claimed by a ransomware group
The hacker group Coinbasecartel claims to have carried out a cyberattack against Engie, the French energy giant active in electricity, gas and
Ledil Immobilier: 6,700 profiles exposed after a data leak
The real estate network Ledil Immobilier is reportedly the victim of a data leak after a database was posted online on a cybercriminal forum.
Data leak at Magasins U - unspecified volume
Magasins U customers holding a loyalty card were notified by email of a breach affecting their loyalty accounts. The supermarket chain states that data…
Sterimed: internal files published after a cyberattack
The STERIMED group, specialist in sterilisation packaging and solutions for the medical sector, is allegedly the victim of a cyberattack with a leak of
Super U: customer data accessible after a cyberattack
The Magasins U group (Super U) informs some customers that it has been the victim of an external and malicious cyberattack that led to unauthorised
12 million people in the ANTS data leak
Customers of ANTS (France Titres) are affected by a data leak confirmed by the agency. According to the official communication, unauthorized access was detected on 15 April 2026 and…
City'Pro Marionneau: data leak after a claimed cyberattack
The City'Pro Marionneau network, specialised in driving training and professional qualifications, is reportedly the victim of a cyberattack with a data leak of
Gueguen Avocats: a claimed data leak with thousands of documents exposed
The Gueguen Avocats law firm is reportedly the victim of a cyberattack with a data leak claimed by the Qilin ransomware group, which says it has published a
Université de Bourgogne: a claimed data leak targeting students
Université de Bourgogne is allegedly targeted by a data leak following a claim published by the hacker group LunarisSec. According to the
Vercel: security incident confirmed after a leak claim
Vercel, a cloud platform popular in the JavaScript ecosystem and creator of Next.js, has confirmed a security incident involving unauthorised
38,085 customers exposed in a claimed leak at Comptoir du Rêve
Comptoir du Rêve customers are affected by a claimed leak. According to the claim, the actor "ChimeraZ" reportedly published a database of 42,606 records corresponding to 38,085 individuals…
Imprimerie Nationale: leak of the software handling French secure documents
A hacker group claims to be selling internal software attributed to IN Groupe, a French public company specialized in secure documents
JeuJouet.com: alerts customers after a cyberattack on its e-commerce site
The online retailer JeuJouet.com informed its customers by email after a cyberattack affecting the Magento e-commerce platform, used by many
Magento: 7,500+ sites compromised in a global hacking wave
A vast hacking campaign is currently affecting the Magento ecosystem, with more than 7,500 sites compromised and malicious files dropped on more
Moulin Roty: customer data exposed after a cyberattack
The French brand Moulin Roty alerted its customers by email following a cyberattack targeting their Magento e-commerce platform, used by many
Bazar du Manga: data leak confirmed after customer cold-calling
The online shop Bazar du Manga confirms a customer data leak following the unauthorised extraction of contact details from its database. In a
ComptoirDuReve.fr: a leak exposes the contact details of 42,000 customers
The e-commerce site ComptoirDuReve.fr is reportedly targeted by a data leak with the release of a database containing nearly 42,000 customers. The database, at
French Basketball Federation (FFBB): 1.9 million licence holders exposed in a massive leak
The HexDex group claims to be selling the personal data of the French Basketball Federation (FFBB), mentioning more than 1.9 million
Filair: nearly 50 years of internal archives published after a cyberattack
Filair, a French company specializing in industrial metal manufacturing, is reportedly the victim of a major cyberattack, with the exfiltration
Gauthier Tissus: 54 GB of internal data published after a cyberattack
The company Gauthier Tissus, specialized in the weaving and finishing of technical fabrics, is reportedly targeted by a cyberattack with the publication of
Leak at Jeu Jouet
Claimed data leak concerning Jeu Jouet.
Clinique de l'Yvette: a leak of medical imaging claimed
The Clinique de l'Yvette in Longjumeau is reportedly targeted by a cyberattack, with data put online and administrator access claimed by a
ETAI (Infopro Digital Automotive): 6,600 garages exposed in a leak
The hacker ChimeraZ claims to hold and distribute a database attributed to ETAI, a brand belonging to infopro digital automotive France, a group
Assuréa: leak of 150 GB of data (140k leads and 11k contracts)
The hacker Dumpsec claims to hold, after a cyberattack, a massive database from Assuréa, an insurance broker owned by the Meilleurtaux group.
Brit Hotel: 682,000 loyalty programme members in a data leak
HexDex claims to put up for sale a database linked to Brit Hotel, a French hotel chain present across the country, following a
National Police: cyberattack against the e-campus platform, 176k officers affected
The General Directorate of the National Police (DGPN) has confirmed that a hack targeted the e-campus online training platform, used
1,178 records exposed, data leak at Pompes Funèbres Musulmanes Toulouse
Customers and records of the deceased managed by Pompes Funèbres Musulmanes Toulouse are affected by a confirmed leak impacting nearly 1,200 entries. The leak, claimed by the actor "ntmpd"…
CNAOC: 30 years of internal archives and sensitive data exposed after a cyberattack
The hacker Lamashtu claims to hold a major document database linked to CNAOC (Confédération Nationale des Appellations d'Origine Contrôlée),
Logis Hotels: 598,000 loyalty program members exposed in massive leak
The Logis Hotels group, a major network of more than 6,300 independent hotels and restaurants in France and Europe, is the target of a claimed leak
Basic-Fit: 1 million customers affected, banking details exposed after a cyberattack
Basic-Fit confirmed a cyberattack that resulted in a data leak affecting approximately 1 million members across several European countries. France
Leak at Chateau royal de Blois / Maison de la Magie
Surname, first name; email address; date of birth; phone number; fax number; postal address; VAT number
Leak at IAE Grenoble (via AlumnForce)
Last name, first name Email address Phone number Postal code, city Current job title Career aspirations Work experience Path within the network Diploma obtained, year Skills
Booking.com: customer reservation data exposed
A security incident reportedly affected Booking.com, with unauthorised access to data related to customer reservations. According to initial
Ardèche department: 26 GB of administrative RSA-related data exposed
A hacker claims to have collected and exfiltrated a significant amount of data related to RSA (Revenu de Solidarité Active), referring to a database of more than
École Directe: false cyberattack alert
After the massive leak referencing EduConnect, a new alert is circulating around École Directe, a platform widely used in schools
Insei.fr: 2,700 profiles and ID documents leaked after a cyberattack
The hacker ChimeraZ claims to have published a database linked to the Insei.fr site, containing sensitive personal information as well as
Académie de Paris: more than 5,000 contact records and student photos leaked
A hacker operating under the pseudonym Cybernox claims to hold and distribute a database linked to the Académie de Paris, containing personal information
ADMR: 5,280 employees and volunteers exposed in data leak
The hacker Cybernox claims to hold a database linked to ADMR (Aide à Domicile en Milieu Rural), containing several thousand profiles. According to the
70,551 vehicles - claimed leak at Base véhicules d'occasion France
Buyers and suppliers appearing in the records of 70,551 vehicles in France are reportedly affected by a claimed leak, according to the claim. The database is presented as a very…
EduConnect: more than 3.1 million student accounts leaked on the State platform
A hacker claims to hold a database tied to EduConnect, the official Ministry of Education system used to track schooling of
3,204 accounts affected by claimed data leak at FranceVerif.fr
FranceVerif.fr accounts are, according to the claim, affected for at least 3,204 unique people or accounts. FranceVerif.fr is an e-commerce site verification service that...
Addresses of 70,000 luxury car owners exposed
A hacker known as HexDex claims to be selling a database containing more than 70,000 vehicles, along with detailed information about their
Leak at Alumni Université Côte d'Azur (via AlumnForce)
Name, first name Email address Phone number Postal code, city Current job title Career aspirations Professional experience Career path within the network Degree obtained, year Skill
DB Telecom: a 40k-customer database put up for sale
A hacker claims to be selling a massive database from DB Telecom (Service Telecom), a player in the French telecommunications sector, with more than
Data leak at EasyLounge, Hi-Fi and home cinema reseller
EasyLounge customers are affected by a data leak confirmed by the company, after a cybersecurity incident communicated to the people concerned. The company, Hi-Fi and…
Leak at ENSAI Network (via AlumnForce)
First name, last name Email address Phone number Postal code, city Current job title Career aspiration Professional experience Path within the network Degree obtained, year Skills
Leak at Lilagora (via AlumnForce)
First and last name, email address, phone number, postal code, city, current job title, career aspirations, professional experience, career path within the network, degree obtained, year, skills
Son-Video.com & EasyLounge: customer data leak after a cyberattack
French audio and video specialist Son-Video.com has confirmed it was the victim of a data leak affecting some of its customers, after
Data leak at UPPA Alumni (via AlumnForce)
First name, last name Email address Phone number Postal code, city Current job title Career aspirations Professional experience Career path within the network Degree obtained, year Skill
Vranken-Pommery: customer data exposed after a cyberattack on the ticketing system
The champagne group Vranken-Pommery has confirmed that it was indirectly affected by a cyberattack targeting its online ticketing provider,
93,061 candidates affected by a claimed data leak at DCL
Individuals who took the DCL (Diplôme de Compétence en Langue) would be affected, according to the claim, by the sale of a file containing the personal data of 93,061…
1,133,731 members - claimed leak at French University Sport Federation
Members of the French University Sport Federation are, according to the claim, affected by a sale of their personal data by the threat actor HexDex. The...
Académie de Nice: personal data of teachers and staff leaked
A database linked to the Académie de Nice is reportedly being distributed online, containing information on French Ministry of Education staff.
Alinto: a massive leak of 40 million emails hits CAC40 companies
A massive leak at a key email player in France A major incident hits Alinto, a French provider of professional email solutions based
Leak at Alumni Université de Strasbourg (via AlumnForce)
First name, name Email address Phone number Postal code, city Current job title Career aspirations: Sectors, compensation sought, countries or cities + postal codes sought, position sought, experience level Professional experience: month and year, job title, company, city Career path within the network: degree obtained in year, name of the degree) Skills
Diamond: OneDrive and SharePoint documents leaked by the Gunra group
The French company Diamond, specialising in the manufacture of metal gratings for industry and construction, is reportedly the victim of a
FICOBA: 1.2 million bank accounts exposed after intrusion into state systems
A major cyberattack has affected the FICOBA file, the national bank accounts database managed by the Directorate General of Public Finances (DGFiP).
Data leak at KFC France, undisclosed volume
Members of KFC France's Colonel Club loyalty program received an email informing them of a breach of their personal data. KFC France said in this message that the number…
Synergy: a key player in data and cloud in France hit by ransomware
Synergy France, a company specialising in data and cloud solutions, is reportedly currently being targeted by a ransomware-type cyberattack. The company
AlumnForce: 2.7 million students and graduates exposed
The AlumnForce platform, specializing in the management of alumni networks and professional communities, is reportedly at the heart of a massive leak
Gauthier Connectique (nicomatic): 42 GB of sensitive data threatened after a cyberattack
Gauthier Connectique, a French company specializing in the design and manufacturing of high-precision connectors for civil aeronautics
YMED (SOONCARE): 253,000 patients exposed, 132 GB of medical data exfiltrated
Healthcare software publisher YMED, via its SOONCARE® platform, is targeted by a cyberattack claimed by the extortion group XP95. The
Aircos Pascual (Anjac): ongoing ransomware attack by the TheGentlemen group after a cyberattack
French cosmetics manufacturer Aircos Pascual, a subsidiary of the Anjac group, is targeted by a ransomware attack claimed by the group
ARS: 35 million patients affected by a data leak, 130 hospitals and AP-HP targeted
The DumpSec group claims to be selling a massive database covering 35 million French citizens, presented as originating from systems linked to more than 130
Nosho: 133,000 users compromised, a new leak that weakens the medical sector
Following our article published on 5 April 2026, the company Nosho wanted to provide several clarifications on the incident: An attack on our database
Alltricks: more than 820,000 customer accounts for sale on the dark web
Alltricks states that it has conducted in-depth investigations across all of its databases. According to the company, the information currently being
Leak at Contrat d'intégration républicaine
Surname, first name; email address; postal address; phone number
Ledger: 105,000 French cryptocurrency holders exposed
Ledger's customer database, originating from a leak that occurred in January 2026 via the Global-e provider, is once again offered for sale on a forum
French Office for Immigration: massive data leak on the Republican Integration Contract
OFII (the French Office for Immigration and Integration) has confirmed a data leak following unauthorised access to its management tool for the
Or en Cash: new data leak confirmed in gold buying/reselling
Or en Cash confirms that it has been the victim of a data leak following a security incident, just days after the cyberattack targeting Gold
Veuve Clicquot: visitor data compromised after a cyberattack on the ticketing system
Champagne house Veuve Clicquot was the victim of a ransomware-type cyberattack affecting the booking system for its tours, via a
Adobe: 13 million support tickets leaked after a cyberattack
Adobe is reportedly targeted by a massive data leak claimed by the hacker Mr. Raccoon, involving more than 13 million support tickets. The
Fountain: intrusion and data theft during a ransomware cyberattack
The Belgian company Fountain, specialized in coffee-related services and listed on the stock exchange, was the victim of a ransomware-type cyberattack.
Data leak at La Quiberonnaise
La Quiberonnaise customers are affected by a data leak confirmed by the company. According to the communication sent by email, unauthorized access to personal data is…
291,000 users affected by a claimed leak at SongTrivia2.io
SongTrivia2.io users could be affected, according to the claim, by nearly 291,000 accounts. The leak is dated April 2026 and, according to the accompanying text, was allegedly…
French National Hunters Federation: nearly 1 million members in a leak resurfacing
The French National Hunters Federation (FNC), the organization representing hunters in France, reportedly faces a massive data leak placed on
Gold Union: more than 120,000 gold buyers exposed with ID documents and transactions
Gold Union, a major player in the buying and selling of gold and silver in France, is at the heart of a critical data leak involving more than 126,000
Maxance: 348,000 people publicly exposed, French state employees among those affected
Insurance broker Maxance is hit by a data leak now publicly disseminated, affecting more than 348,000 people. Among the
Serap: ransomware with 50 GB of data threatened
The French industrial group Serap, a world leader in milk tanks, is being targeted by a cyberattack claimed by the Akira ransomware. The attack,
Under Armour: the brand warns French customers after the leak of 72 million accounts
Under Armour confirms it was the victim of a massive data leak involving more than 72 million customers, after several weeks of uncertainty around
Force Ouvrière (FO): more than 160,000 profiles exposed in a data leak
Force Ouvrière, a major player in the French social landscape, confirms having been the victim of a data leak following the compromise of a file
Missions Locales: more than 500,000 young people exposed following a cyberattack
A new data leak targets the Missions Locales network, with more than 506,000 profiles currently offered for sale on dark
Notre-Dame du Grandchamp: thousands of pupils exposed after a cyberattack
The Catholic school Notre-Dame du Grandchamp is being targeted by a cyberattack claimed by the Nightspire ransomware group, with a database already
Vacancéole: new customer leak in the tourism sector
Vacancéole, a specialist in holiday rentals in France, was the victim of a security incident involving a technical provider, confirming a
Homair: customer data exposed after a cyberattack
Homair, a booking service for camping and holiday village stays, was hit by a security incident linked to a third-party technical provider.
Leak at La Mine Bleue (via Vivaticket)
Last name, first name Postal code, country Email address Purchase history
Vaucluse Provence Attractivité: customers targeted after a cyberattack
Vaucluse Provence Attractivité, a public body in charge of tourism and economic promotion of the territory, was the victim of a cyberattack
Belambra: customer contact details exposed after a cyberattack
Belambra Clubs & Hôtels was affected by a security incident involving a service provider in charge of its booking system. This incident reportedly
French Savate Federation: nearly 680,000 licence holders exposed over 49 years
A data leak reportedly targets the French Federation of Savate, French boxing and related disciplines. An actor identifying as HexDex
Leak at GDQuest
Email address Title and price of courses taken Username and account slug
Iliad (Free): new cyberattack with leaked network data
The Iliad group, parent company of Free, has been listed on the data leak site of a cybercriminal group called ALP-001. The attackers claim
La Centrale de Financement: 387 GB of data leaked
The company La Centrale de Financement is the victim of a massive data leak originating from its internal network. According to available information, approximately
Le Petit Vapoteur: 3.3 million customers exposed
A data leak of exceptional scale reportedly targets Le Petit Vapoteur. A hacker claims to have compromised the entire database and the
Handisport: nearly 200,000 members affected by a cyberattack
A data leak affects the French Handisport Federation and reportedly concerns 197,276 people according to initial reports. The incident was
Scalian: sensitive employee data leaked after a cyberattack
A data leak affects Scalian, the French IT services company, with a number of impacted employees that is not yet known at this stage. The incident, reported on 27
Allopneus: 453,000 customers exposed after a cyberattack
Allopneus confirmed a security incident in an email sent to its customers on 27 March 2026. According to the message, a cyberattack identified on 23 March
Mondial Tissus: 365,900 customers compromised by a leak
A major data leak is reportedly currently targeting the Mondial Tissus chain. According to information circulated on a hacker forum, 365
SIA: data leak of 62,511 firearms in France
A major leak affects the Système d'Information sur les Armes (SIA), the centralised database used in France for firearms tracking. In total, 62
European Union: cyberattack on the Europa platform
The European Commission has revealed that it was the victim of a cyberattack on 25 March 2026, targeting its cloud infrastructure used to host the
Leak at Les Champs Libres
First and last name, email address, phone number, password (🤬)
Cerballiance: medical data exposed after a cyberattack
The Cerballiance laboratory network was the victim of unauthorised access to personal data hosted at an IT service provider.
176,317 staff exposed: data leak at the French Ministry of the Interior (E-campus)
Staff of the French Ministry of the Interior using the E-campus training platform are affected by a confirmed leak impacting 176,317 people. Publication of the database is…
Crous: 770,000 students affected by a massive leak
Crous (via Cnous) confirms a cyberattack that led to the exfiltration of data on 774,000 people from the platform
Leak at Crunchyroll
First name, last name Email address IP address Banking data
Leak at Europa (European Commission)
Data leak claimed concerning Europa (European Commission).
Volume unspecified - data leak at French Free Flight Federation
Licence holders of the French Free Flight Federation are affected by a confirmed leak, the published material establishing the existence of unauthorized access to member records. The leak has...
Leak at Marseille-Provence Metropolis
Email address
62,511 records in the SIA data leak
Firearms owners registered in the Système d'Information sur les Armes (SIA) are affected: nearly 62,500 records have been exposed. The SIA is the centralised government database…
Leak at I-Cad
Email address
Intoxalock: a cyberattack locks cars in the United States
A cyberattack is currently targeting the American company Intoxalock, specialized in connected breathalyzer interlock devices that prevent vehicles from starting in
Catholic education: a cyberattack exposes 1.5 million pieces of data
The General Secretariat of Catholic Education was the victim of a cyberattack that resulted in the leak of approximately 1.5 million data records. The
363,000 customers affected by data leak at Airsoft-Entrepot
Airsoft-Entrepot customers are affected by a confirmed leak impacting commercial and personal data collected by the airsoft online retail site. Nearly 363,000 people…
109,302 CMF members: data leak claimed
The 109,302 members of the Confédération Musicale de France (CMF) are reportedly affected, according to the claim. According to the elements provided, a batch put up for sale by the actor HexDex would contain the…
113,000 members affected by a cyberattack at La Mutuelle Familiale
Members of La Mutuelle Familiale are potentially affected by a computer intrusion discovered on March 17, 2026. In total, 113,000 members could be affected, according to…
Data leak at Mingat
Mingat customers are affected by a data leak confirmed by the company. The firm, specialized in vehicle rental, informed its customers of a security incident that…
262,651 teachers affected, data leak at the French Ministry of Education
The 262,651 teachers, future teachers and trainee teachers are affected by a data leak tied to the system managing the education authorities. The incident covers a history of several…
10,816 Canada Goose customers in a data leak
Canada Goose customers in France are affected by a confirmed data leak involving nearly 11,000 people. The published elements indicate that a significant corpus of accounts from the site…
Leak at Musée des Arts et Métiers
First and last name, email address, user account information, orders
60,000 staff exposed in a claimed data leak at Annuaire Administration
Staff listed in the Annuaire Administration are reportedly affected by a data leak, according to the claim published by actor HexDex on the DarkForums forum. The announced corpus…
Leak at Bibliothèque Nationale de France
Surname, first name; email address
594 phone numbers in the claimed leak at Sarah Knafo #2
Parisian members of the Reconquête! party are affected by a claimed leak linked to Sarah Knafo's municipal campaign. Nearly 600 phone numbers are reportedly exposed, according to the…
890,000 users affected by a claimed leak at GPS Santé
Users of GPS Santé, a network that connects patients with doctors and specialists, are affected by a claimed leak, according to the claim. The message states…
71,502 patients affected by a claimed data leak at Therapeutes.com
Therapeutes.com patients would be affected by a data leak, according to a claim published by the actor HexDex. The claim mentions approximately 71,502 patients and nearly 200,000…
Data leak at Université Paris-Est
Students, staff and partners of Université Paris-Est are affected by a confirmed leak affecting the establishment's administrative files. Approximately 315,000 lines of…
813,866 users affected by the data leak at Medoucine
Medoucine users are affected by a data leak confirmed by information made public, impacting nearly 814,000 profiles. Medoucine is a platform connecting…
476,282 customers affected by a claimed leak at Intersport Rent
Intersport Rent customers are reportedly affected, according to the claim, by a claimed leak that would impact 476,282 customers. The post indicates a database of around 1.2 million records…
Leak at Pronote
Claimed data leak concerning Pronote.
Stryker Handala wiper attack (Iran-linked, 2026)
The Iranian state-linked group Handala compromised Stryker's Microsoft Intune administrator account and used the endpoint-management tool to wipe more than 200,000 servers, mobile devices, and corporate endpoints across 79 countries — bringing operations at one of the world's largest medical-device makers to a halt.
Data leak at Vivaticket following a ransomware attack
Vivaticket customers are affected by an announced data leak following a notification from the company. On 2 March 2026, Vivaticket informed its customers that a ransomware attack had…
1,005,361 members of the ASPTT Multi-Sports Federation: claimed data leak
Members of the ASPTT Multi-Sports Federation may be affected by a claimed leak involving more than a million registrations, for the 2014-2026 period, according to the claim...
310,000 Carte Jeune beneficiaries: Région Occitanie data leak
Beneficiaries of the Région Occitanie's Carte Jeune are affected by a data leak confirmed by the Region. According to the elements made public, around 310,000 people registered for the…
Data leak at Vatel Capital
Vatel Capital customers were informed by email on 9 March 2026 of an accidental file exposure. The asset management company indicates that the incident occurred between 21 February and 3…
1,042 Airclaim customers affected by a claimed data leak
Airclaim customers are reportedly targeted by a claimed data leak, according to the claim. Based on it, 1,042 French nationals are said to be among 55,867 customer files affected…
74,572 FNATH members: claimed data leak
Members of FNATH are affected by a claimed leak involving nearly 75,000 people, according to the claim. The association supporting victims of life accidents is reportedly the subject of a...
800,000 Le Temps des Cerises customers - claimed data leak
Customers of Le Temps des Cerises are reportedly affected by a data leak, according to the claim. Nearly 800,000 people who ordered from the ready-to-wear brand's website could see their…
1,342,952 Stych customers affected by a data leak
Customers of Stych, an online driving school, are affected by a data leak confirmed by the company to its customers. According to the elements published, the database includes 1,342,952…
4,600 people affected by a claimed leak at Ordoclic
Ordoclic's patients and business contacts may be affected by a claimed leak. Nearly 4,600 people would be impacted, according to the claim, which includes patients…
161 GB of data: claimed data leak at SYNLAB France
SYNLAB France customers and partners are potentially affected, according to the claim by the HexDex collective. The group claims to hold 161 GB of internal data belonging to the…
Data leak at Centre des Monuments Nationaux
Visitors who booked tickets with the Centre des Monuments Nationaux are affected by a confirmed data leak. According to the publicly released elements, the leak comes from a…
Claimed leak at TAJ (Traitement d'antécédents judiciaires)
Systems linked to TAJ, used by the French Police and Gendarmerie, are allegedly affected by a claimed leak. According to the claim, a data package allegedly presents a complete system image…
713,814 people affected by a claimed data leak at ImmoJeune
Individuals who submitted a rental application on ImmoJeune are reportedly affected, according to the claim, by the sale of their data. Nearly 714,000 files are reportedly targeted, according to…
25,000 students affected by a claimed data leak at Penninghen
Penninghen students and, more broadly, people linked to the school are reportedly affected by a claimed leak impacting the institution's database, according to the claim. The publication…
15,000 employees affected by claimed data leak at ANCT
Employees of the Agence Nationale de la Cohésion des Territoires (ANCT) are affected by a claimed leak impacting around 15,000 people. According to the claim, files containing…
1,462,485 beneficiaries affected by the Banque Alimentaire data leak
Beneficiaries of the Banques Alimentaires network are affected by a confirmed leak involving nearly 1.46 million people. The file reportedly covers the 2012-2026 period and contains…
8,220 users affected - claimed data leak at Brouillon de culture
Brouillon de culture users are, according to the claim, affected by the exposure of about 8,220 accounts. The publication is attributed on 4 March 2026 to an actor presenting itself as…
6.6 million users exposed in data leak at YGG Torrent
YGG Torrent users are affected by a confirmed leak affecting nearly 6.6 million accounts. The incident stems from the compromise of an administrator and led to the…
13,000 Be-bunk customers affected by a data leak
Customers of Be-bunk, a payment services provider mainly active in New Caledonia, Wallis and Futuna and French Polynesia, are affected by a confirmed data leak…
1,457,473 orders affected by claimed leak at Florajet
Customers and recipients of Florajet may be affected by a claimed leak involving 1,457,473 orders, according to the claim. The announced corpus reportedly covers the 2023-2026 period and...
2,200 patients affected by a claimed leak at Bioserveur
Bioserveur's patients are reportedly affected by a claimed leak involving approximately 2,200 PDF documents, according to the claim. These files are described as test result reports…
Leak at Cloud Imperium Games
Surname, first name; username; date of birth; contact data
Leak at Lisi
IBAN, contract, corporate data
Leak at MDPH 92
500 email addresses (in batches?): email address
Leak at the Oceanographic Museum of Monaco (via Vivaticket)
First and last name, date of birth, email address, phone number, postal code and city, order history, booked events (type and number), password
Leak at Palais de la Porte Dorée
Last name, first name Email address Postal address Phone number Date of birth Purchase history Encrypted password (??? 🤷)
Leak at Paris Adult Courses Platform
Last name and first name Date of birth Email address Postal address Phone number
Data leak at Tactis
Ransomware
10,000 members affected by a claimed data leak at Tchap
Members of the French state messaging service Tchap would be affected by an announced leak, involving approximately 10,000 accounts according to the claim. According to the same claim, several rooms…
Data leak at Orléans city hall (via Vivaticket)
First name, last name Email address Login Encrypted password (🤷)
2,500 people affected by a claimed leak at BE ATEX
BE ATEX's clients and employees are, according to the claim, affected by a data leak that would concern nearly 2,500 people. According to the claim, a database of 2,500…
343,734 members - data leak claimed at French Aeronautics Federation
Members of the French Aeronautics Federation could be affected by a data leak. According to the claim, 343,734 records covering the period 2002-2026 would have been put up…
37,472 licence holder photos in FFR XIII data leak
Licence holders of the French Rugby XIII Federation are affected by a confirmed leak involving photos and licence information. Nearly 37,000 of the exposed photos relate to...
Data leak at Union Nationale du Sport Scolaire
668,000 members in 2025/2026, 889,000 members in previous years first name, last name date of birth gender age category class and school establishment licensee ID insurance registration date photo (URL)
3 million students: claimed data leak at UNSS #2
Students with a licence at UNSS are potentially affected, nearly 3 million of them would be impacted. UNSS is the French school sports federation that manages licences and…
175,942 people exposed in the Eiffage (NextSend) data leak
Eiffage employees and external contacts are affected by a confirmed data leak impacting the NextSend (Hegyd) platform. According to the claim of 25/02/2026, a database of 175,942…
Leak at ESPCI
Title, usual first and last name Professional email, and possibly personal email if provided Identification data: username, but not the password Position and assignment Photo, unless it had been indicated it should only be used for the badge Access permissions to services and premises Mailing list subscriptions For students: course enrolments For staff: employer, field of activity (BAP, CNRS and CNU section) For staff employed by the in-house body: corps, contract end date For service providers, partners and external personnel: employer, socio-professional category
Leak at French Gymnastics Federation
Last name, first name Date of birth Gender Postal address Email address Phone number Licence number
203,179 members - claimed leak at French Ski Federation
The 203,179 members of the French Ski Federation may be affected, according to the claim. The leak reportedly involves records spanning the 1999 to 2026 period, published by the actor...
Data leak at Westfield Club - customer information exposed
Customers of the Westfield Club loyalty programme are affected by a data leak confirmed by the brand, communicated to affected individuals by email. The brand did not specify the…
15 million patients affected by a data leak at Cegedim
The records of nearly 15 million patients managed via software from publisher Cegedim are affected by a confirmed leak. The publicly released elements indicate that this data comes from…
2,978,518 members - claimed data leak at French Gymnastics Federation
Members of the French Gymnastics Federation are affected by a claimed data leak involving nearly 3 million records, according to the claim. The declared corpus...
Claimed data leak at French Karate Federation, volume unspecified
Licence holders and members of the French Karate Federation are affected by a claimed data leak, according to the claim. According to the announcement, a FFK database has been...
Leak at Sports and Cultural Federation of France
title, last name, first name, gender date of birth nationality country of birth postal address licence number, member code sports discipline affiliated structure
116,122 customers and prospects: claimed data leak at Santeo
Customers and prospects of Santeo, a health insurance comparator, are reportedly affected by a claimed data leak impacting around 116,122 people, according to the claim published on 26…
Data leak at CAF (RSA) - unspecified volume
RSA welfare recipients are affected by a confirmed data leak involving an unspecified volume of personal information. The data was reportedly exfiltrated after unauthorised access…
Leak at Caisse d'allocations familiales (via Direction du Numérique (DINUM))
contact data related to the RSA application; beneficiary ID number; surname and first name(s) of the beneficiary; surname and first name(s) of the person in charge of the file; social security number; RSA application date; start date of rights and duties; phone number; email address
352,502 members affected by a claimed leak at FFAAA
Members of the French Aikido, Aikibudo and Associated Federations (FFAAA) are affected by a claimed leak of their personal data. According to the claim, a corpus of 352,502…
18 GB of data (ID cards, bank details, photos) - claimed leak at MyConnect
Users of the digital temp agency MyConnect are reportedly affected by a claimed leak covering about 125,000 lines of data and 18 GB of files, according to the claim…
8,571 KYC documents, leak claimed at Ayomi
Ayomi's clients and project owners may be affected by a claimed leak involving documents used for identity verification (KYC). According to the claim, a database…
74,312 business accounts: leak claimed at Cegid
The accounts of 74,312 corporate customers of Cegid are reportedly affected, according to the claim. The incident, attributed by the claimant to the actor "authsso", concerns customers in France…
728,732 members - claimed data leak at French Motor Sport Federation
Members of the French Motor Sport Federation (FFSA) are affected by a claimed data leak targeting the federation. According to the claim, a database of 728,732 members...
Leak at the Civil Aviation Safety Organisation
420 GB of data ID card Passport Diploma Proof of address Internal document Thales, Dassault Systèmes, Airbus, Boeing, FAA, military…
11 million records and documents - claimed leak at French Athletics Federation
Licensed athletes, officials and coaches of the French Athletics Federation would be affected by a leak, according to the claim by the actor goldorak. The claim refers to 11 million…
5 million records: data leak at Mondial Relay
Mondial Relay customers are affected by a confirmed data leak impacting approximately 5 million records. The published elements indicate this is a corpus aggregated from…
400,000 Olympique de Marseille customers, claimed leak
Olympique de Marseille customers are reportedly affected by a claimed leak impacting nearly 400,000 people, according to the claim. The publication announces the sale of a database…
80,000 documents: claimed leak at Unis Cité
Young volunteers at Unis Cité would be affected by the publication of 80,000 documents and 40 GB of data, according to the claim. The organisation, which offers civic service missions…
Data leak at the French Badminton Federation
Licensed members and contacts of the French Badminton Federation are affected by a confirmed leak from an export of the internal Poona application, discovered on 11 September 2025. The origin…
Claimed leak at MaSalleDeSport - unspecified volume
Customers of gyms that use the MaSalleDeSport CRM could be affected, according to the claim. The self-proclaimed hacker "84City" claims to have compromised this provider, which manages…
Data leak at IDMerit - Exposed database
Individuals who performed online identity verification through IDMerit are affected by a confirmed data leak. According to a report, around 1 billion records from 26…
41,000 customers affected by a claimed leak at Innovorder
Innovorder customers are affected by a claimed leak impacting around 41,000 records, according to the claim. Innovorder offers management solutions for the foodservice industry…
19,000 people affected by a claimed leak at Azaé
Azaé's clients and employees are reportedly affected by a claimed leak, according to the claim. The publication indicates that around 19,000 people are exposed, including many…
65,000 employees affected by data leak at French National Gendarmerie (RESANA)
Employees and civilians linked to the French National Gendarmerie via the Resana collaboration tool are affected by a data leak involving approximately 65,000 rows. The leak, described as confirmed by...
400,000 members affected by a claimed data leak at KeepCool
KeepCool members are affected by a claimed leak that would impact nearly 400,000 people. According to the claim, the batch put up for sale on February 20, 2026 on BreachForums by the actor…
8,861 staff - data leak at the French Ministries of the Interior & Armed Forces
Staff of the French Ministries of the Interior and Armed Forces are affected by a confirmed data leak covering 8,861 records. The compilation was published on February 20, 2026 by…
Claimed leak at OSAC (Civil Aviation) - Ransomware - see details
People whose ID documents or other documents are held by OSAC may be affected by a claimed leak. According to the claim, the LAPSUS$ group allegedly extracted around 420…
Data leak at PayPal: exposure affects PayPal Working Capital customers
Customers of the PayPal Working Capital (PPWC) lending service, used by businesses, are affected by a confirmed data leak. A "small number" of accounts, including customers in France…
2,393 officials affected by a Police, Gendarmerie, CNIL data leak
Officials from the Gendarmerie, Police, Defence and CNIL are affected by a confirmed data leak, impacting 2,393 people. The compilation was published on 20/02/2026 by…
Leak at FFCK and Paddle Sports
Last name, First name Gender Date of birth Club name, Departmental committee name, Departmental committee code, Regional committee name, Regional committee code Paddle color, Licence type
Leak at the French Ministry of Sports, Youth and Community Life
Identification data, civil status, date and place of birth, personal contact details, administrative and educational information
450,000 FOROM users hit by a data leak
Users of FOROM, the French Ministry of Sports portal that manages training programs and qualifications for sports professions, are affected by a data leak impacting about 450,000 accounts…
Claimed leak at Valgo - internal and customer data (ransomware)
Valgo customers are potentially affected by a data leak, according to the claim by an actor presenting itself as a ransomware-type group. According to this claim, 279 GB…
1,431,906 members affected by a data leak at CFDT
CFDT members are affected by a confirmed data leak impacting more than 1.4 million records. The actor HexDex claims the sale of data of 1,431,906 members, and…
Cyrillus data leak detected via a third-party provider
Cyrillus customers are affected by a data leak confirmed based on the elements made public. The leak, originating from a third-party provider, was detected on 13 February 2026. The number of…
Leak at Direction Générale des Finances Publiques
1.2 million accounts Identity of holders Postal address Tax ID IBAN
Leak at Espace CE
First name, last name Email address Postal address Phone number Date of birth Hashed password
1.2 million bank accounts: data leak at FICOBA
Holders of nearly 1.2 million French bank accounts are affected by a data leak involving FICOBA, the Ministry of the Economy and Finance announced. According to Bercy, the...
5,022 records from Lycée Carnot Paris: claimed data leak
Students, their parents and staff at Lycée Carnot Paris could be affected by the disclosure of approximately 5,022 user records. According to the claim, these records were reportedly…
512,000 On Air Fitness members, claimed data leak
On Air Fitness members and former members are reportedly affected, according to the claim, by a data leak impacting around 512,000 people. According to the announcement, the files cover…
358,000 Réglo Mobile (Leclerc) customers affected by a data leak
Réglo Mobile (Leclerc) customers are affected by a confirmed leak impacting nearly 360,000 people. The database was put up for sale by the actor "84City" on 18 February 2026…
27,000 employees affected by a data leak at RTL Group
Current and former employees of the audiovisual group RTL Group are affected by a confirmed leak impacting nearly 27,000 people. A database described as containing these records was…
8,000,000 Axa customers: claimed data leak
Axa France customers are affected, according to the claim, by an announced leak that would impact more than 8 million people. The claim indicates that 'data and access' were…
1,617 customers and partners hit by Adidas data leak
Adidas customers and partners are affected by a confirmed leak that exposes personal and commercial information. According to available information, around 1,617 people have been…
CNRS data leak - ransomware targeting agents before 2007
Permanent and non-permanent staff who worked at CNRS before 31 December 2006 are affected by a data leak confirmed by CNRS. The exact volume of exposed information has not…
31 million bookings claimed in data leak at Socloz
Customers of Socloz partner brands are affected, according to the claim, by the exfiltration of approximately 31 million booking lines in early 2026. Socloz is a platform…
Data leak at Voyage Privé - upcoming bookings exposed
Voyage Privé customers with upcoming trips are affected by a confirmed data leak. The elements made public indicate that booking information was exfiltrated…
14,753 people affected by a claimed leak at EPITA
Students and staff at EPITA are affected by a claimed leak of academic files. Nearly 15,000 people would be affected, according to the claim. The announcement specifies…
97,795 FFVRC members affected by claimed data leak
Members of the French Radio-Controlled Cars Federation (FFVRC) may be affected by a claimed leak involving nearly 98,000 people. According to the claim, 97,795...
19,313 Chez Switch customers: data leak claimed
Chez Switch customers are, according to the claim, affected by a data leak that would impact nearly 19,300 people. Chez Switch presents itself as an energy supplier and…
Leak at Grain de Malice (via Socloz)
Last name, first name Email address Phone number
3,600 Gustave-Auto customers affected by a claimed data leak
Gustave-Auto customers are potentially affected by a claimed leak covering around 3,600 data records, according to the claim. The service, specialized in managing…
Claimed leak at Kimsufi (OVHcloud) affecting databases
Customers of Kimsufi, the OVHcloud brand specialized in hosting, dedicated servers and VPS, are affected by a claimed leak. According to the claim dated February 13, 2026…
Cyberattack at Les Restos du Cœur
Employees and volunteers of Les Restos du Cœur are affected by a confirmed data leak tied to a cyberattack. According to information made public, the incident dates back to February 11, 2026 and has…
2.4 million licence holders - data leak at French Judo Federation
Licence holders of the French Judo Federation are affected by a data leak involving nearly 2.4 million people. France Judo confirmed the attack via an internal statement. The...
Leak at Commune de Bourg-Achard
Claimed data leak concerning Commune de Bourg-Achard.
13,016 customer accounts, data leak claimed at Birdee
Birdee customers may be affected: according to the claim, 13,016 unique customer accounts were extracted from two database files. Birdee was a management service…
70,000 customers affected by a claimed leak at Ciffreo Bona
Ciffreo Bona customers are affected by a claimed leak involving nearly 70,000 accounts, according to the claim. The announced file would cover 15 years of activity (2009-2024) and…
Data leak at Safran Group: supply chain exposed
Partners, suppliers, carriers and business contacts of Safran Group are affected by a confirmed leak that affects the global supply chain. The published elements indicate…
Data leak at Aïkan affecting Flitter and Wakam customers
Customers of partners Flitter and Wakam are affected by a data leak linked to systems of the broker Aïkan. The intrusion that led to this compromise was detected on 15…
4,198,129 employees affected by the data leak at Groupe Atalian
Employees of Groupe Atalian are affected by a data leak confirmed by the company, covering nearly 4.2 million records. According to the published material, these records were…
Leak at La Carte Avantage Jeune
480,000 users, 56,000 documents, 92 GB Last name, first name Date of birth Postal address Phone number ID card Birth certificate Signature
348,346 Maxance customers: claimed data leak
Maxance customers are, according to the claim, affected by the publication of 348,346 records containing personal and contractual information. The file is announced as…
Data leak at PharmaShopi - volume not specified
Customers who placed or attempted an order on PharmaShopi are affected by a confirmed leak. The site, an online pharmacy and parapharmacy, had payment information exposed…
Data leak at Prozon, volume not specified
Prozon customers are affected by a data leak announced following unauthorised access to an infrastructure tool in February 2026, confirmed by the company which notified the CNIL. The…
12,143 Renault Sud-Est customers affected by a claimed data leak
Customers of Renault dealerships in the South-East are reportedly affected by the publication of 12,143 customer records, according to the claim. The extraction allegedly comes from a CRM database export dated 21…
Data leak at Sumsub
First name, last name Phone number Email address
28,000 customers and staff affected by a claimed leak at Immo-pop
Immo-pop customers and staff are reportedly affected, according to the claim, by a claimed leak impacting nearly 28,000 people. Immo-pop is a real estate platform; the…
1,227 registrations exposed in the data leak at Rankfyt
Participants registered via Rankfyt are affected by a data leak impacting 1,227 registrations, with details concerning more than 2,000 linked people (teammates). The files…
12,711 coordinators affected by a claimed data leak at CetteFamille
CetteFamille's coordinators are reportedly targeted by a claimed data leak affecting around 12,700 people. According to the claim, more than 333,000 documents (about 41 GB) covering…
Leak at the French Office for Biodiversity
Last name, first names Date and place of birth Postal address Landline and mobile phone numbers Nationality Email address Hunting licence number Information relating to the application, processing or examination of the hunting licence Listing in the national file of persons prohibited from acquiring and holding firearms Summons, dates, attendance and result
Claimed data leak at Voyages Robin
Voyages Robin customers could see sensitive information exposed, according to the claim dated 7 February 2026. The claim indicates a ransomware attack with…
Leak at French Table Tennis Federation
2 million licence holders Last name, first name Email address Postal address Phone number Licence data
Leak at French Sailing Federation
Last name, first name Date of birth Postal address Email address Phone number
Leak at the City of Paris
320,292 people: first and last name, date of birth, postal address, phone number, email address
Leak at ADMR
Name, first name Email address Postal address Organization
15,108 employees hit by claimed leak at ARS
Employees of the Agence Régionale de Santé (ARS) are, according to the claim, affected by the exposure of 15,108 professional email addresses and other data linked to their activity. The…
7,665 patients affected by a claimed data leak at Asten Santé
Asten Santé patients are, according to the claim, affected by 7,665 lines of patient data published for free by actor sux1337. The records announced would reportedly cover the…
Leak at Centre Communal d'Action Sociale de Dunkerque
66,343 citizens; surname, first name; date of birth; postal address; phone number; email address; household profile; family situation
4,000 officers affected by a claimed data leak at Centre National de Gestion (CNG)
Authorising officers attached to the Centre National de Gestion (CNG) are affected by a claimed leak involving 4,000 lines of data, according to the claim. The document published on 5…
39,896 customers affected by a claimed leak at Family Cinema
Family Cinema customers would be affected by a data leak, according to the claim. The advertised batch would contain nearly 156,489 orders and 39,896 unique customers, covering the period…
813,983 FFRandonnée members - claimed data leak
Members of the French Hiking Federation may be affected by a data leak, according to the claim. The announced figure reaches nearly 814,000 people...
Data leak at Flickr confirmed by the company
Flickr users residing in Europe are affected by a metadata exposure that hit the service in February 2026. According to the official announcement, approximately 228,000 European accounts...
Data leak at Protexia France
Customers and contacts of Protexia France are affected by a data leak confirmed in early February 2026. Protexia France provides security and remote surveillance services.
1,150 people affected by a data leak at Notre-Dame des Dunes
Pupils and staff of the Collège-Lycée Notre-Dame des Dunes in Dunkirk are affected by a confirmed data leak, impacting around 1,150 people. The incident mainly concerns…
553 Collège Saint-Charles pupils affected by a data leak
The 553 pupils who are members of the Sports Association of Collège Saint-Charles (Guipavas/Brest) are affected by a confirmed data leak. The information uncovered comes, according to…
828,000 stop-points exposed in data leak at Loxam
Loxam customers, employees and partners are affected: 94,735 delivery routes and nearly 828,000 stop-points covering five years (2020-2026) in France and internationally are…
377,418 jobseekers - data leak at Choisir le service public
Jobseekers who used the state recruitment portal are affected: the leak impacts 377,418 people. The published elements confirm that data extracted from the Choisir site…
697,313 Substack records exposed in data leak
Substack users are affected by a confirmed leak involving nearly 700,000 records. The incident affects accounts on the media platform and concerns individuals in…
79,164 customers affected by a data leak at Darty.com (Kitchen)
Customers of Darty.com's kitchen design service are affected by a confirmed leak relating to their appointments and project-related information. Nearly 80,000 people having…
Leak at French Army
2,971 files, 4.5 GB Classified documents (restricted distribution) Technical guides
66,000 users: data leak claimed at CCAS de Dunkerque
Users of the Dunkirk CCAS are, according to the claim, about 66,000 to be affected by a claimed data leak. The claimant says they accessed the database used for the…
21,647 people affected by a data leak at Inria
Staff at Inria, IRISA and many academic and industrial partners are affected by a confirmed leak, impacting around 21,600 people. The information comes from…
23,535 locum doctors - claimed data leak at Médecins Remplaçants
Locum doctors listed in a 2026 directory are reportedly affected by data being put online, according to the claim. The announced publication reportedly contains about 23,535 lines…
Claimed leak at ANPS (Association Nationale des Premiers Secours)
Volunteers, employees and people trained by ANPS could be affected by a claimed leak, according to the claim. The issue concerns the national infrastructure and its local branches…
Leak at Code Rousseau
Surname, first name; postal address; email address; phone number; ID photo; NEPH number; ASR data; signature
Cyberattack at Codes Rousseau targeting the Easysystème application
Students undergoing training via the Easysystème application, used by many French driving schools, are affected by a confirmed leak. The number of people affected has not been…
37.8 million user accounts in the ManoMano data leak
People with a ManoMano account are affected by a data leak hitting the online DIY and gardening site. Nearly 38 million accounts are reportedly involved, according to…
Leak at OpQuast
around one hundred people Email address
1,000,000 customers of FranceCasse.fr - claimed data leak
Customers of FranceCasse.fr are, according to the claim, affected by a leak exposing more than a million profiles. According to the claim, a 98 GB file structured via PrestaShop...
Leak at Match Group (Hinge, Match, OKCupid)
196,000 users: first and last name, login, password, user agent, date of birth, IP address, phone number
20,000 customers affected by the Multi-French-Real-Estate-Agencies data leak
Customers of eleven French real estate agencies are affected by a confirmed data leak that exposes sensitive information about them as tenants, owners or…
126,998 Reseau.site customers affected by a data leak
Customers of Reseau.site, a SaaS management platform for retailers and craftspeople, are affected by a confirmed leak impacting nearly 127,000 profiles. The incident exposes…
900,000 VeryChic customers affected by a data leak
VeryChic customers are affected by a confirmed data leak involving approximately 900,000 records. VeryChic is a luxury travel agency specialising in private sales…
Leak at 11 real estate agencies
1.2 million documents, 500+ GB SCI Fonciere de la tourelle Aix La Duranner Immo MARTEAU IMMOBILIER (Orpi) AFG IMMOBILIER OC INVESTISSEMENT TRENTA IMMOBILIER BLG PATRIMOINE SB IMMOBILIER SUN IMMOBILIA IMMOVALIE SAS Immo Name, first name Postal address Login and password Email address Rent receipt, invoice Phone number Contract data IBAN Maintenance logs Marketing campaigns Financial reports Minutes of general meetings E·V·E·R·Y·T·H·I·N·G
Leak at Puteaux Medical Imaging Centre
Surname, first name; date of birth; phone number; email address; postal address; number of appointments
Leak at Le CNAM
10,000 people Last name, first name Email address Phone number Job title and department Postal address Date of birth Website Hobbies
Leak at Lovys
Claimed data leak involving Lovys.
Data leak at UGSEL
600 students First name, last name Gender Date of birth Category Class
Data leak at Wemind (via Allianz)
First name, last name Postal address Email address Phone number
10,000,000 O'Tacos customers affected by a data leak
O'Tacos customers are affected by a confirmed leak that impacts the loyalty programme and the data linked to the brand's mobile app. Nearly 10 million profiles…
5.88 million customers affected in data leak at Techni-Contact
Customers of Techni-Contact, a B2B e-commerce platform, are affected by a confirmed data leak. According to the elements published, the corpus totals nearly 5.88 million lines…
Data leak at AutoForever linked to a flaw in the Brevo extension
Customers and contacts of AutoForever are affected by a confirmed data leak, with the volume remaining unspecified. The company states it does not know whether personal data was stolen following…
900,000 Lyleoo users affected by a data leak
Users of Lyleoo, a French ophthalmology tele-expertise platform, are affected by a confirmed data leak. Approximately 900,000 lines of data are reportedly affected, covering…
508,276 Coriolis Télécom customers affected by a data leak
Coriolis Télécom customers are affected by a confirmed leak impacting mobile and internet subscribers. Nearly 508,000 rows of customer-related data have been made public, the…
Leak at French Sports for All Federation
1,493 members Last name, first name Status Affiliated structure Postal address Phone number Qualifications Activity
683,936 customers affected by claimed leak at Livre en Poche
Customers of Livre en Poche are affected by a claimed leak involving order-related data, according to the claim. Nearly 684,000 lines of data are reportedly impacted…
Leak at Sciences Po
SQL Dump
950,000 people affected by data leak at FFESSM
Members and licence holders of FFESSM are affected by a data leak involving nearly 950,000 people. The leak concerns information related to members of the French federation...
Leak at Guiot de Bourg
90,000 customers Last name, first name Email address Hashed password Date of birth Newsletter signup IP Website Authorized amount Payment terms Guest status Deleted account (😒) Password renewal token Secret key
Leak at Movida
First and last name, contact details, IBAN
Leak at Panorama Banques
2,340,422 customers Last name, first name Nationality Postal address Email address Phone number Marital status Income, current loans, rent Bank Account opening date Owner/tenant status Profession, type of employment contract
Leak at French Fencing Federation
Last name, first name Nationality Phone number Postal address Email address Licence type Club Age category Discipline
Leak at French Hunting Federation
First name, last name Postal address License number Insurance Qualification
1,200,000 people exposed in data leak at FFVolley
Individuals registered with the French Volleyball Federation (FFVolley) are affected by a confirmed data leak involving approximately 1.2 million records. The leak includes...
Leak at French Firefighters Federation
822,449 firefighters Last name, first name Email address Phone number Postal address
Leak at Grand Froid
Last name, first name Address Order date
Leak at Orpi
IBAN Last name, first name Rent receipt Postal address Extranet username Extranet password in plain text Tenant
83,000 users affected by a claimed data leak at Scoring.fit
Users of Scoring.fit, as well as clubs and volunteers linked to the platform, would be affected by a claimed leak impacting the service's database. According to the claim…
Data leak at Too Easy
Name Email address Phone IP address
Data leak at Valorissimo
Login Email address First name, last name Phone number Address Company
Data leak at Waltio
Email address 2024 tax report Bank balance
1,224,196 records exposed in the data leak at ffgolf
Current and former licence holders of the French Golf Federation (ffgolf) are affected by a confirmed leak involving more than 1.2 million records. The leak comes from the central database of...
1,416,000 records in the FNC and OFB data leak
Members and hunting permit holders monitored by the French National Hunters Federation (FNC) and OFB are affected by a confirmed leak. Nearly 1.4 million entries...
822,499 FNSPF members affected by data leak
Members of the French National Firefighters Federation (FNSPF) are affected by a confirmed data leak involving the national member database. Nearly 822,499...
3.7 million Babyvista customers affected by a data leak
Customers of Babyvista, a maternity photography service, are affected by a data leak impacting nearly 3.7 million people. The leak, initially dated 15/03/2025, covers…
Claimed leak at École nationale supérieure d'arts et métiers (volume not specified)
People connected to École nationale supérieure d'arts et métiers (ENSAM) are affected by a claimed leak whose volume has not been specified, according to the claim. According to the elements…
Leak at ENSAM
First name, last name Social Security number Scholarship award decision and amount Start and end date of sick leave
Leak at ConseilJuridique.net
Claimed data leak concerning ConseilJuridique.net.
Claimed data leak at Delko - Ransomware
Delko customers are affected by a claimed leak tied to an incident dated 07/12/2025, communicated to customers and publicly relayed on 20/01/2026. According to the claim, Delko reports…
Leak at France Éducation International (via GAEL)
Last name, first name City of birth and country of birth Date of birth Nationality Native language Affiliated centre
108,000 Syma Mobile customers: claimed data leak
Syma Mobile customers are affected by a claimed data leak, according to the claim. According to the announcement, a database of approximately 108,000 customers was allegedly published on…
Leak at Info Jeunes Bourgogne Franche-Comté
Identification data
12 million employees affected by the Urssaf DPAE data leak
Employees hired within the past three years are affected by a confirmed leak concerning the Déclaration Préalable à l'Embauche (DPAE). Nearly 12 million records would be exposed…
46,506 people exposed in a claimed leak at Pix Orga (education)
The 46,506 people linked to Pix Orga are reportedly affected, according to the claim, mainly pupils and teaching team members. The Pix Orga service, used by institutions…
90,726 people affected by the TooEasy Agence Web data leak
People who interacted with sites managed by TooEasy Agence Web are affected by a confirmed data leak. Nearly 90,726 unique email addresses appear among the records…
6,727,398 Under Armour customers affected by a data leak
Under Armour customers located in France are affected by a confirmed leak affecting nearly 6.7 million people. The overall volume mentioned reaches 72,893,170 customers, according to…
93,746 customers affected by a claimed leak at Ioburo
Ioburo customers could be affected by a leak impacting nearly 94,000 records, according to the claim. The post specifies a volume of 93,746 records attributed to the database…
9,599 records in a claimed data leak at Le Bambou Castillonnais (Cartedepeche.fr)
Members and individuals present in the database of AAPPMA Le Bambou Castillonnais (Gironde) are reportedly affected by a claimed leak, according to the claim. The announced volume reaches 9…
134,209 Wobz (formerly Dalvin) customers: claimed data leak
Wobz (formerly Dalvin) customers could be affected by a claimed leak, according to the claim. The latter indicates the publication of a Wobz-print customer database containing…
43,366 customers affected by a claimed data leak at StorePasCher
StorePasCher customers are affected by a claimed leak involving 43,366 accounts, according to the claim. The case concerns the e-commerce site StorePasCher, which offers online sales…
598 people exposed in the Force Ouvrière UD 75 data leak
The data of 598 people linked to the Paris Departmental Union of Force Ouvrière (UD 75) is exposed, according to a confirmed leak. The material reportedly comes from an export batch from the...
888 employees affected by a claimed data leak at Groupe Fondasol
Employees of Groupe Fondasol are affected by a claimed data leak covering 888 profiles, according to the claim. The engineering firm in the construction sector works on projects in…
3,691,752 customers in a claimed data leak at LBP Granville (Le Bureau de Prospection)
LBP Granville customers are reportedly affected by a data leak, according to the claim. The announced volume exceeds 3.6 million records and a sale is mentioned for January 15…
Leak at Lire Demain
4,616 customers: first and last name, email address, postal address, orders
Leak at Eurail
First name, last name Date of birth Email address Postal address Phone number Passport number, issue and expiration date
Data leak at Zurflüh-Feller
66 GB of data
Leak at Blackstore
101,979 people; surname, first name; email address; phone number; store; order number; order date
Leak at Instagram
17.5 million accounts Usernames Postal address Email address Phone number
Leak at monlogicielmedical.com
First and last name, date of birth, postal address, status, social security scheme, last visit
65,000 users affected by a data leak at nephael.net/chloesanchez.com
Users of the adult sites nephael.net and chloesanchez.com are affected by a confirmed data leak involving around 65,000 accounts. According to the elements published, the…
9.5 million records in the data leak at Relais Colis
Customers and recipients who used Relais Colis are affected by a confirmed leak impacting nearly 9.5 million records. The volume announced is 9,526,266 rows, and a claim…
Claimed leak at ACRV.FR (web agency)
Customers of ACRV.FR are affected by a claimed leak touching archives and databases linked to several sites they host or maintain. According to the claim, the entire…
115,000 customers affected by claimed leak at Audiophonics.fr
Customers of Audiophonics.fr are reportedly affected, according to the claim, by a leak involving a database announced at around 115,000 users. The site targeted is an online shop…
324,400 accounts exposed in the BreachForums data leak (2025)
BreachForums forum accounts are affected by a confirmed leak impacting nearly 324,400 registrations. The incident dates back to August 2025 and the corpus was added to Have I Been Pwned on 10…
2,340,422 Panorabanques.com customers affected by a data leak
Panorabanques.com customers are affected by a confirmed leak affecting around 2.34 million people. The financial comparator, used by individuals to compare offers…
146,605 patients affected by a claimed leak at SOS Oxygène
SOS Oxygène patients are affected by a claimed leak which, according to the claim, would involve 146,605 unique patients. The service, specialising in respiratory assistance and…
Claimed data leak at Apec Région Occitanie - volume not specified
Accounts linked to Apec Région Occitanie (Montpellier / Nîmes / Toulouse) are reportedly affected by a leak, according to a claim on Breachforums that mentions a scope of around 3,000 profiles. To…
7,761 people affected by a data leak at Euronature
Students and teachers of Euronature (School of Naturopathy) are affected by a confirmed data leak. According to the estimate, around 7,761 people would be exposed; the corpus released…
616 contributors affected by the Paris à cœur ouvert data leak
Contributors to the Paris à cœur ouvert site (Sarah Knafo's site) are affected by a confirmed leak affecting 616 people. Unprotected personal data was accessible…
282,906 young people affected by an Avantages Jeunes data leak
Young holders of the Carte Avantages Jeunes (CRIJ Bourgogne-Franche-Comté) are affected by a confirmed leak impacting nearly 283,000 people. The published elements include, according to the…
111,000 Casino de Paris customers: data leak
Casino de Paris customers are affected by a data leak confirmed by the venue, which informed its customers by email. Nearly 111,000 people are reportedly impacted, according to the…
23,920 Corse GSM customers affected by a data leak
Corse GSM customers are affected by a confirmed leak that exposes nearly 24,000 accounts tied to the telecom service. The leak comes from a file made public and concerns information…
262,925 licensed members affected by a claimed data leak at FFB
Licensed members of the French Bridge Federation (FFB) are, according to the claim, affected by a leak whose publication is dated 08/01/2026. The claim indicates a corpus dated…
200,415 licence holders affected by claimed leak at FFFA
Licence holders of the French American Football Federation (FFFA) are affected by a claimed leak said to target 200,415 records. According to the claim, the corpus would contain...
561,502 licence holders affected by data leak at FFME
Licence holders and affiliates of the French Federation of Mountaineering and Climbing (FFME) are affected by a confirmed data leak involving more than 560,000 records. The...
599,797 licence holders: claimed data leak at FSGT
Licence holders of the Workers' Sports and Gymnastics Federation (FSGT) are targeted by a claimed data leak, according to the claim. It mentions a database of approximately 600,000 accounts and...
Leak at EasyCash
14 million customers First name, last name Date of birth Postal address Phone number Email address
393,374 members affected in the data leak at FFCK
Members of the French Canoe-Kayak Federation (FFCK) are affected by a confirmed leak impacting nearly 400,000 people. Elements made public indicate that the database…
599,797 FFRS licence holders affected by data leak
Licence holders of the French Roller and Skateboard Federation (FFRS) are affected by a data leak that exposes nearly 600,000 records. The publicly released elements show...
162,263 licence holders affected by claimed leak at FFSquash
Licence holders of the French Squash Federation (FFSquash) are affected by a claimed leak involving an announced database of 162,263 rows. According to the claim published on...
78,133 members affected by claimed data leak at FFPLUM
Members of the French Microlight Federation (FFPLUM) are affected by a claimed data leak, according to the claim that announces a database of approximately 78,133 rows. The federation is...
52,785 licence holders affected by claimed data leak at FFTwirl
Licence holders, volunteers and officials of the French Twirling Baton Federation (FFTwirl) are affected by a claimed leak affecting personal data. According to the claim, the...
133,297 members affected by Lions Clubs of France data leak
Members of the Lions de France Foundation are affected by a confirmed data leak involving nearly 133,300 people after deduplication. The leak targets the database of...
Claimed leak at L'Orange Bleue Fitness Club
Managers and operators of about 600 L'Orange Bleue clubs are reportedly affected by an internal data leak dating back to June 2025, according to the claim. A public sample analyzed includes…
5,304 customers affected by claimed data leak at Loft by Denis Moines
Customers of the Loft by Denis Moines salon in Paris are affected by a claimed data leak impacting their customer database, according to the claim. The report indicates that a customer database…
47,561 subscribers - claimed data leak at Philharmonie de Paris
Philharmonie de Paris subscribers are reportedly affected by a claimed leak impacting the national PAD subscriber database, according to the claim. Nearly 47,600 people would be affected, including…
Data leak at DCE Conseil and partners (prisons, armed forces, luxury)
Public bodies and partner companies of DCE Conseil are affected by a confirmed file leak. According to the elements published, about 844 GB of data have been put back…
Data leak at Ledger (via Global-e) - Undisclosed volume
Ledger customers are affected by a data leak confirmed by the Global-e provider. The number of impacted customers has not been publicly disclosed.
Leak at the French Office for Immigration and Integration
2.1 million people Last name, first name Postal address Phone number Date of birth Social security number Nationality Languages spoken Family situation Family number Date of birth of children Type of stay Processing prefecture Decision date
1,050 identities exposed in the data leak at Petits-fils
People working for Petits-fils are affected by a confirmed data leak, impacting close to 1,050 identities linked to agencies and franchises. They are staff members…
800,000 records in Adecco data leak
Candidates who submitted a CV or created a profile with Adecco are affected: nearly 800,000 profiles are reportedly exposed, including around 750,000 CVs according to available estimates. These files appear…
Data leak at AgroParisTech
AgroParisTech staff and contributors are affected by a data leak confirmed by Fuites Infos. According to a post linked to the claim, around 211 GB of data have reportedly…
Claimed data leak at AXYON (EDF, Eiffage, Bouygues, Engie, Renault, etc.)
AXYON customers and partners are affected by a claimed leak said to involve around 340 GB of internal data, according to the claim. AXYON provides B2B engineering services…
Data leak at Dream Up (LAPSUS$) across multiple sites
Customers and contacts of the sites managed by Dream Up are affected by a confirmed data leak. According to the elements published, around 40 GB of files from 54 SQL databases were reportedly…
24,000 trainees affected by a claimed data leak at AFPPCD-IDF
Trainees of the AFPPCD-IDF association are reportedly at the center of a data leak, according to the claim circulated online: more than 24,000 records are mentioned, unconfirmed…
70,981 customers affected by a claimed leak at Trescal
Trescal customers are affected by a claimed leak which, according to the claim, exposes nearly 71,000 records. Trescal is a provider in industrial metrology serving…
2.1 million: data leak at OFII / ANEF
People who used the OFII / ANEF "Étrangers en France" portal are affected: the leak is confirmed and covers around 2.1 million rows of data. This portal is used by…
2025
160 incidentsLeak at École Nationale de la statistique et de l'analyse de l'information
3,900 students First name, last name Email address Postal address ID photo Phone number Partial payment card number, CVV, expiration date Enrolments, evaluation results
Leak at French Speleology Federation
Last name, first name Nationality Email address Phone number Licence number Occupation
Leak at Institut Polytechnique de Paris
9,551 students Last name, first name Email address Postal address Phone number IBAN
Leak at Grenoble School of Management
First name, last name Email address Postal address Phone number Employer, position held
Data leak at Université de Lille
7,244 students First name, last name Email address Postal address Phone number
Leak at Allegro Musique
161,412 members Name, first name Postal address Email address Phone number Social security number Registration and termination date Content of listings
Leak at Batterie de Portable
Surname, first name; date of birth; postal address; email address; landline and mobile phone numbers
Leak at Europages
205,403 prospects First name, last name Position Company Postal address Email address Phone number SIRET VAT number
Leak at the French Ministry of Agriculture and Food
60 GB, 97,000 files: FTP access, SQL files, system logs from 32 departments, 19 business applications
Leak at Club de nation 95 (via ACRV)
200 members; surname, first name; postal address; email address; phone number; IP address
Leak at ENI
89,463 customers First name, last name Email address Profile type Company name Position
Leak at HelloWork
Last name, first name Email address Desired role Qualification level Work experience Industries of interest Contract types sought Geographic mobility areas
Leak at PayTrip
74,877 customers Last name, first name Email address Postal address Phone number Account balance IBAN
Leak at Commune de Lens
probable ransomware
Leak at French Kick Boxing Federation
361,321 members Last name, first name Gender Date of birth Nationality Email addresses Phone numbers Postal address Licence type, season and validity date
Leak at Mondial Relay
first and last name, email address, postal address, phone number, shipment number, delivery status
Leak at Nouvelle Lune
161 customers Last name, first name Email address Postal address Last login date Last order date Number of orders
Leak at French Swimming Federation
1.3 million members last name, first name licence number postal address email address phone number medical information parent contact details club
Leak at 123 casting
240,000 users name, first name MD5-hashed password (so effectively in plaintext…) date of birth, gender postal address email address phone number height, weight, eye and hair color, measurements ethnic origin distinctive features photo & video book private message history payment data
Leak at Altitude Infra
5.76 GB, 3.8 million customers Network infrastructure Partners file Operational data Support tickets Prospect identities Postal address Phone number
Leak at justice.fr
1,100 justice professionals last name, first name judicial position personal address personal phone number professional information IBAN
Leak at Chronopost
860,000 people; surname, first name; email; address; parcel number
Leak at La Licra
186 subscribers, 8 administrators Email address Hashed password
Leak at the French Ministry of Sports
3.5 million households: first and last name, date of birth, gender, email address, postal address, phone number, category of aid received, organization code, social security number, INE number, CAF number, Pass Sport code
Leak at Red by SFR
last name, first name email address postal address customer reference phone number
Leak at Parashop
last name, first name date of birth postal address
Leak at PornHub
browsing history
Data leak at SoundCloud
20% of users, 30 million profiles email public profile
Leak at the French Ministry of the Interior
"a number of files"
Leak at Euromatik
first name, last name email and postal address phone number contractual and order data encrypted password
Leak at France Ventilation
credit card number, expiration date, CVV
Leak at French Cycling Federation
1 million members first name, last name date of birth nationality postal address email phone number photo and ID document
Leak at Résidence du Parc (Champdeniers-Saint-Denis)
ransomware
Data leak at UFOLEP (via Exalto)
first name, last name date and place of birth nationality postal address email address phone number legal guardian's contact details consent status
Leak at ASAF & AFPS (via Itelis)
name, first name date of birth social security number reimbursement record vision correction data phone number
Leak at Cuisinella
title, first name, last name phone number email address
Leak at French Handball Federation (via GestHand)
last name, first name gender date of birth email address phone number
Leak at Schmidt
title, last name, first name phone number email address
Leak at Médecin Direct
first and last name, date of birth, email address, postal address, social security number, subject of the teleconsultation, pre-consultation questionnaire, data exchanged with the practitioner
Leak at Leroy Merlin
last name, first name phone number email address postal address date of birth loyalty program information
Leak at France Travail
1.6 million young people last name, first name date of birth social security number France Travail identifier
Coupang insider data breach (2025)
A former Coupang employee accessed personal data on 33.7 million customer accounts of South Korea's largest e-commerce platform. Coupang announced a $1.17 billion compensation plan; its head of Korean e-commerce resigned.
Leak at La Centrale du Financement
financing file
Leak at French Football Federation (via Footclub)
first name, last name, gender date and place of birth nationality postal address email address phone number license number
Leak at La Rochelle (via Synbird)
last name, first name email phone number appointment time, date and location other items
Leak at MSP Givors Presqu'Île (via Weda)
first and last name, postal address, email address, phone number, health data
Leak at AG2R la Mondiale (via Itelis)
name, first name date of birth social security number reimbursement record vision correction data phone number
Leak at Clinique du Millénaire (via Weda)
surname, first name; postal address; email address; phone number; health data
Leak at French Dance Federation
license number first name, last name date of birth photos postal address email address phone number hashed password
Leak at Itelis
5 million patients last name, first name date of birth social security number reimbursement file
Leak at MSP du Pré Vicinal (via Weda)
first and last name, postal address, email address, phone number, health data
Leak at ProxiServe
294,639 customers Last name, first name Email address Postal address Reason for intervention Date of intervention
Leak at APRS (via Itelis)
name, first name date of birth social security number reimbursement record vision correction data phone number
Leak at Chatou town hall (via RDV360)
first and last name, postal code, city, email address, phone number
Leak at Quimper town hall (via RDV360)
first and last name, postal code, email address, phone number
Leak at Saint-Aubin d'Aubigné town hall (via RDV360)
first and last name, postal code, city, email address, phone number
Leak at Malakoff Humanis (via Itelis)
optical service quote requests
Leak at Colis Privé
surname, first name; postal address; email address; phone number
Leak at Michelin
ransomware, corporate data
Leak at Murfy
294,075 customers: first and last name, email address, postal address, phone number, account balance, exchanged messages, comments, reason for visits, technician
Data leak at Suzuki
First name, last name Email address Postal address Phone number
Leak at Alfortville town hall (via RDV360)
first and last name, email address, phone number
Leak at Resana
Claimed data leak concerning Resana.
Data leak at Synbird
first name, last name email phone number time, date and place of appointment
Leak at Eurofiber
3,600 companies (BPCE, Auchan, CGI, Thales, SFR, Orange…) sensitive network infrastructure data VPN access credentials source code certificates emails SQL backups
Leak at Brest town hall (via RDV360)
50,000 residents: first and last name, postal address, email address, phone number
Leak at Pajemploi
1.2 million people last name, first name social security number postal address date and place of birth name of bank Pajemploi number and accreditation number IBAN
Data leak at Weda
Claimed data leak concerning Weda.
Leak at French Cardiology Federation
first name, last name postal address email address phone number password
Leak at Oui Heberg
last name, first name email address phone
Leak at MYM
5 million customers: username, first and last name, company, postal address, date of birth, password (MD5 hashed), email, phone number, IP address, social networks (Instagram, Facebook, Twitter, Snapchat), date of registration and last login
Leak at France Travail
16,479 people authentication data in plaintext civil status address, phone number, email ID card RIB employment contracts tax notices Social Security attestation training certificate work authorization
Leak at Poltronesofa
Ransomware
Leak at French Shooting Federation (via ITAC)
licence no. civil status postal address email phone number
Leak at Regional Health Agencies of Île-de-France, Auvergne, Rhône-Alpes, Hauts-de-France, Pays de la Loire and Normandie
34 million patient medical records
Leak at Haute-Comté intercommunal hospital centre
Ransomware
Leak at Mango
first name, country, postal code, email address, phone number
Leak at Agence Régionale de Santé des Hauts-de-France
Birth name, usual name, first name(s) Sex Date and place of birth Email address, phone number, postal address Social security number Nationality Organ donor status In some cases, weeks of amenorrhea at birth
Leak at Hauts-de-France high schools
student ID documents, CVs, academic transcripts
Leak at France Travail
5,500 job seekers last name, first name France Travail identifier registration category email address RSA status CIR identifier
Leak at Discord
name, username payment information last 4 digits of payment card transaction history IP address messages exchanged with support ID card age verification documents
Asahi Group Holdings Qilin ransomware (2025)
Qilin ransomware operators encrypted servers across Asahi's Japanese data centres, halting ordering, shipment, and production at 30 factories, leaking 27 GB of internal data, and exposing personal information of approximately 1.5 million customers, employees, and contacts.
Leak at France Travail
9,971 job seekers email address title, first name, last name advisor email
Leak at La Nef
email address
Leak at Inovie Labosud
identity data medical data contact details social security and health insurance details
Leak at Digital Charging Solutions
name email address
Leak at French Table Tennis Federation
licence number last name, first name, gender date and place of birth nationality postal address email address phone number
Leak at Clarins
100,000+ customers; contact data
Leak at Plex
email usernames hashed passwords
Leak at Eklo
Data leak claimed concerning Eklo.
Data leak at Syma Mobile
First name, last name Date of birth Postal address Email address Phone number
Jaguar Land Rover global production halt (Scattered Lapsus$ Hunters, 2025)
A cyberattack on Britain's biggest carmaker forced JLR to shut down its global IT network and halted vehicle production in the UK, China, Slovakia, India, and Brazil for five weeks — now considered the most economically damaging cyber incident in UK history.
Leak at Auchan
salutation, name, first name email, postal address phone number loyalty card number customer status
Leak at France Link Interactive
20GB ransomware
Leak at Google
2.25 million
Leak at Partner Immo
ransomware
Leak at Alltricks
intrusion mailing list
Leak at France Travail
last name, first name email address phone number technical identifier
Leak at Optic 2000
title, last name, first name social security number date of birth postal address customer number phone number store concerned optician's name
Leak at Air France
name, first name contact information Flying Blue number and status subject of requests submitted
Leak at Bouygues Telecom
6.4 million customers; contact details; contractual data; civil status; IBAN
Leak at Pandora
name email address
Leak at Centre d'études et de recherches sur les qualifications
210,607 people; surname, first name; email address; phone
Leak at Orange
Claimed data leak concerning Orange.
Leak at France Travail
last name, first name email address postal address phone number France Travail identifiers France Travail status
Leak at Groupe 5àSec
290 GB
Leak at Centre National de la Fonction Publique Territoriale
34,000 people; ID document; IBAN; carte vitale; employment contract; administrative status; pension supporting document; sworn statement; diploma; CV
Leak at Louis Vuitton
first name, last name, gender, country, phone number, postal address, email address, date of birth, purchase data, preferences
Data leak at Sorbonne Université
first name, last name personal and professional email address phone number postal address spouse and children's first and last names
Data leak at Union Nationale du Sport Scolaire
8 million students first name, last name date of birth member's and parents' email address phone establishment, class disability photo licence activities
C&M Software Pix heist (Brazil, 2025)
A junior developer at C&M Software — a Central Bank-authorized provider of Pix instant-payment connectivity — was paid roughly R$5,000 to hand over credentials. Attackers used the access to drain approximately R$800 million ($148 million) from reserve accounts at six Brazilian financial institutions in 2.5 hours.
Leak at Disneyland
64GB
Leak at Hôpital privé de la Loire
530,000 patients last name, first name date of birth gender postal address phone NIR insurance and administrative documents consultation results
Leak at Cartier
name; email address; country
Leak at Kaviari
last name, first name, gender date of birth email address, postal address phone number username, password customer number order history
Leak at Autosur
name, first name email and postal address phone number license plate number
Leak at Dior
Data leak claimed concerning Dior.
Leak at Pulsy
last name, first name gender date of birth, place of birth postal address phone email medical data care pathway date and locations of hospitalisations
Leak at Carrefour Mobile
64,000 customers; phone number; email address; password; address; passport number
Leak at Easy Cash
first name, last name date of birth
Marks & Spencer DragonForce ransomware (Scattered Spider, 2025)
Social-engineering of a third-party service desk gave Scattered Spider a domain administrator, which they used to deploy DragonForce ransomware on M&S's VMware ESXi estate at Easter 2025 — knocking out contactless payments, Click & Collect, and online ordering for over six weeks.
Leak at Indigo
email address license plate last name, first name phone number postal address
Leak at Afflelou
name, first name, date of birth postal address, email address phone number commercial information
Leak at Hertz
name contact details date of birth driver's license credit card passport
Leak at Harvest
50,000 individuals, 5,000 companies, wealth management
Leak at Reporterre
last name, first name email address postal address
Leak at MAIF & BPCE
name, gender, date of birth, marital and professional status, postal address, email address, phone number, income, assets, member number
Leak at Oracle Cloud
6 million customers LDAP authentication SSO server authentication keys
Leak at Centrale Nantes
private reports & projects; logins and user password hashes; source code; administrative documents
Leak at Cerballiance
surname, first name; date of birth; postal address; social security number; supplementary health insurance scheme, mutuelle fund, rights end date
Leak at Autosur & Diagnosur
name, first name email and postal address phone number license plate
Leak at Éclaireuses et Éclaireurs de France
44,000 users first name, last name, gender date and place of birth address profession email, landline and mobile phone
Leak at Intersport
3.4 million transaction number invoice number PayPal reference number transaction code start date / end date of the transaction debited or credited transaction gross amount of the transaction payer account number buyer's username delivery and billing address user ID first and last name, payment source loyalty card number
Leak at Direct Assurance
Data leak claimed concerning Direct Assurance.
Leak at Laforêt
tenant file ID documents RIB
Yale New Haven Health data breach (2025)
Suspicious network activity at Yale New Haven Health led to the largest U.S. healthcare data breach of 2025: 5.5 million patients had names, contact details, dates of birth, medical record numbers, and Social Security numbers stolen. The health system later agreed to an $18 million class-action settlement.
Data leak at UTwin
identity email address phone number
Leak at Côté Sushi
first name, last name date of birth contact details loyalty program
Leak at La Poste
last name, first name email, postal address year of birth phone number
Leak at École Nationale de la Sécurité
30,000 people title, first name, last name date of birth address phone, email city and country of birth nationality social security number Pôle Emploi number VTC card number qualification, education level
Leak at EDF DPIH
power plant intervention and maintenance plan results of security inspections and operations IDs of maintenance staff
Data leak at Zephir
67,000 people first name, last name email, phone IBAN
Leak at Nord Emploi
last name, first name phone address recipient number referring organisation RSA & CAF form CV rights opening date deregistration date personalised project notification support arrangements illiteracy status ability to use computer tools childcare solution support from a professional network number of applications professional life associative and professional experience training, skills targeted occupations interests language certification office tools proficiency driving licence
Bybit cold wallet heist
Lazarus operators substituted the implementation contract during a routine Safe multisig transaction, draining ~$1.5 billion in ETH and staked-ETH derivatives from Bybit's Ethereum cold wallet — the largest single cryptocurrency theft in history.
Leak at French Football Federation
first name, last name gender date and place of birth nationality postal address email address phone number photo copy of ID document
Data leak at Vienne Departmental Fire and Rescue Service
login hashed password email
Data leak at Sport Découverte
488,023 accounts first name, last name date of birth phone number email address
Leak at Mutuelle des Motards
first and last name, email address, phone number, postal code
Leak at Caisse des dépôts et des consignations
70,000 people
Leak at Chronopost
surname, first name; phone number; address; signature
Leak at King Jouet
last name, first name email phone number order details
Leak at Espace-Recettes.fr Vorwerk
full name postal address, email address phone number Thermomix preference data
Leak at AIDES
name, first name date of birth postal address, phone, email address IBAN social security number health check-up result
Leak at E.Leclerc
first name, last name email address access login case number premium amount service description
Leak at French Mountaineering and Climbing Federation
808,881 accounts last name, first name postal address email address identifier date of birth phone number
Leak at French Archery Federation (via ITAC)
625,434 accounts last name, first name gender date of birth postal address phone email address profile photo
Leak at French Strength Federation
64,512 accounts
Leak at French Roller Skateboard Federation
last name, first name email address, postal address date and place of birth phone number licence number
Leak at Kiabi
Credential stuffing last name, first name date of birth IBAN
Telefónica Hellcat infostealer-to-Jira breach (Spain, 2025)
Infostealer malware on the endpoints of 15+ Telefónica employees gave the Hellcat ransomware group credentials into the company's internal Jira ticketing system. Social-engineering escalated the access to SSH. The group did not extort — it publicly published 2.3 GB including 24,000 employee emails, 470,000 internal Jira tickets, and 5,000 internal documents.
2024
51 incidentsLeak at Cogitis
82 GB
Leak at Atos
Claimed data leak concerning Atos.
Leak at Arsoé
Claimed data leak concerning Arsoé.
Data leak at Volkswagen
800,000 customers customer data location
Leak at Peugeot
Claimed data leak concerning Peugeot.
Leak at Cyberhaven
Data leak claimed concerning Cyberhaven.
Leak at Electro Dépôt
Data leak claimed concerning Electro Dépôt.
Leak at Go Sport
Claimed data leak concerning Go Sport.
Data leak at Sport 2000
Claimed data leak concerning Sport 2000.
Data leak at Wakanim
Claimed data leak concerning Wakanim.
Data leak at Top Achat
first name, last name email address
Leak at LDLC
Claimed data leak concerning LDLC.
Leak at Deloitte
Data leak claimed concerning Deloitte.
Leak at Guy Demarle
last name, first name postal address email address phone number
Leak at Norauto
last name, first name email address postal address phone number ID document number
Data leak at Ze Camping
1.6 million users first name, last name login hashed password date of birth phone postal address
Leak at JVS
last name, first name email address login phone number local authority
Data leak at SFR
3.6 million customers first name, last name email address postal address, postal code, city date of birth, department of birth phone number 150,000 IBANs
Leak at Banque de France
employee identities, position, salary; customer identities, bank accounts, webmail history; strategic documents, financial reports
Leak at Companie de Transport Strasbourgeoise
unknown
Leak at Chambres d'agriculture
Claimed data leak concerning Chambres d'agriculture.
Leak at Auchan
name, first name email address, postal address phone number family composition date of birth loyalty card number, kitty amount
Leak at Direct Assurance
name email address phone numbers IBAN
Leak at Mediboard
750,000 patients: first and last name, date of birth and date of death, gender, phone number, attending physician, medical prescriptions, external identifier, care history
Leak at Le Point
name email address phone number postal address date of birth
Leak at Huttopia
last name, first name email address
Leak at Molotov
10 million people: email address, first and last name, date of birth
Leak at Picard
45,000 people last name, first name date of birth email address postal address phone number loyalty card number loyalty points discount vouchers order history receipts shopping list favourite purchases
Leak at Free
5.1 million people last name, first name date of birth place of birth email address postal address IBAN subscriber identifier subscribed plan type subscription date active subscription or not
Leak at Ornikar
4.2 million people last name, first name date of birth email address postal address phone number
Salt Typhoon US telecom espionage campaign (2024)
China-linked Salt Typhoon infiltrated at least nine U.S. telecom providers — Verizon, AT&T, T-Mobile, Spectrum, Lumen, Consolidated, Windstream — including the CALEA lawful-intercept systems used for court-authorised wiretaps. Metadata for over a million users was exposed; the U.S. Treasury sanctioned a linked PRC contractor.
Leak at Meilleurtaux
first and last name, date of birth, country of birth, postal address, phone number, professional situation, family situation, income
Leak at RED by SFR
Several tens of thousands of customers last name, first name email address postal address phone number IBAN plan type SIM card identifier smartphone identifier
Leak at Assurance retraite
370,000 people name, first name address social security number approximate income amount
Leak at Cybertek
first name, last name email address postal address phone number
Leak at Cultura
1.5 million people first name, last name email address postal address phone number order history
Leak at Boulanger
A few hundred thousand people; surname, first name; email address; postal address; phone number
Halliburton RansomHub attack (2024)
RansomHub gained access to Halliburton's systems, prompting the oil-services giant to take infrastructure offline. The incident delayed invoicing and purchase orders, and Halliburton booked a $35 million loss in its SEC filings.
Star Health insurance breach and senior-official extortion (India, 2024)
A hacker using the alias xenZen exposed personal and medical data on 31.2 million Star Health customers via Telegram bots, alongside 5.76 million claims records. The leak escalated into a public extortion drama implicating a senior Star Health official.
AT&T Snowflake call-records breach
AT&T disclosed that attackers used credentials stolen by infostealers to authenticate into its Snowflake cloud-data-warehouse tenant — which lacked MFA — and exfiltrated call and text metadata covering nearly all 110 million AT&T wireless customers.
Indonesia PDNS Brain Cipher (LockBit 3.0) ransomware (2024)
Brain Cipher — a Lockbit 3.0–derived ransomware — encrypted Indonesia's Temporary National Data Center (PDNS), paralysing 282 government digital services from immigration to passport issuance for weeks. Attackers demanded $8M; the government refused. Brain Cipher subsequently released a decryptor free of charge, with an apology.
CDK Global BlackSuit ransomware (2024)
BlackSuit operators encrypted CDK Global's dealer-management platform, knocking ~15,000 North American car dealerships offline for nearly two weeks. A second attack hit on day two of recovery. Industry losses estimated at over $1 billion; CDK reportedly paid a $25 million ransom.
KADOKAWA / Niconico BlackSuit ransomware (2024)
Phishing access let BlackSuit (Russian-linked) encrypt KADOKAWA's infrastructure and the Niconico video-sharing platform, taking services offline for two months. KADOKAWA paid ~$2.9M in cryptocurrency — and BlackSuit leaked the stolen 1.5 TB anyway.
Snowflake customer-account credential-stuffing campaign (UNC5537, 2024)
A threat cluster tracked as UNC5537 / ShinyHunters used credentials harvested by infostealer malware to log into ~160 Snowflake customer tenants that lacked MFA. Victims included AT&T, Ticketmaster, Santander, LendingTree, Advance Auto Parts, Neiman Marcus, and Bausch Health. Ticketmaster alone exposed data for ~560 million users.
Data leak at Ticketmaster
560 million people first name, last name email address postal address phone number transaction history order details banking information (last 4 digits of the saved card and expiry date)
Leak at Le Slip Français
1.5 million people: first name, last name, phone numbers, postal address, email address, order numbers
Leak at France Travail
43 million people last name, first name social security number email address postal address phone number France Travail identifiers
Leak at LDLC
1.5 million people last name, first name email address postal address phone number
Change Healthcare ransomware (ALPHV/BlackCat)
ALPHV/BlackCat compromised Change Healthcare via Citrix portal lacking MFA, paralyzed U.S. prescription claims for weeks, and exfiltrated data on an estimated 100 million people.
Leak at Almerys, Viamedis
33 million people name, first name date of birth social security number name of health insurer policy subscribed
Schneider Electric Sustainability Business Cactus ransomware (2024)
Cactus ransomware operators hit Schneider Electric's Sustainability Business division, taking the Resource Advisor consulting platform offline and exfiltrating approximately 1.5 TB of data — including passport scans and signed NDAs from customers like Hilton, PepsiCo, and Walmart.
2023
13 incidentsWestpole LockBit ransomware — Italian PA outage (2023)
LockBit 3.0 encrypted the data centres of Italian cloud provider Westpole, taking down PA Digitale's Urbi platform — which serves 1,300 Italian public administrations including 540 municipalities, the Quirinale presidency, ISTAT, the Bank of Italy, and the Ministry of Environment. Payroll, citizen services, and local-government workflows were degraded for weeks.
ICBC Financial Services LockBit ransomware (2023)
LockBit ransomware disrupted the U.S. broker-dealer arm of the world's largest bank, ICBC, jamming settlement of over $9 billion in U.S. Treasury trades. Bank staff sent critical settlement details by USB stick via a messenger across Manhattan. $62 billion of Treasuries failed to deliver in one day.
British Library Rhysida ransomware (2023)
Rhysida ransomware operators destroyed servers, demanded ~£600,000, and leaked 600 GB of internal data when the British Library refused to pay. The main catalogue did not return online — read-only — until January 2024. Recovery is consuming 40% of the Library's financial reserves.
Boeing LockBit ransomware via Citrix Bleed (2023)
LockBit operators exploited the Citrix Bleed vulnerability (CVE-2023-4966) to enter Boeing's parts and distribution business. Boeing did not pay; LockBit leaked roughly 45 GB of data, including Citrix logs, email backups, supplier lists, and 2020 pricing data.
23andMe credential-stuffing breach
Attackers used credentials reused from prior breaches to access 23andMe accounts, then leveraged the 'DNA Relatives' feature to scrape ancestry and genetic profile data on 6.9 million users from compromised relatives' connections.
MGM Resorts ransomware (Scattered Spider + ALPHV)
Scattered Spider vished an MGM IT-desk agent, gained Okta admin, and let ALPHV detonate ransomware. Casinos went offline for ten days; the loss to MGM exceeded $100 million.
Caesars Entertainment Scattered Spider ransom payment (2023)
Scattered Spider impersonated a Caesars employee on a call to a third-party IT support vendor and convinced the vendor to grant Okta credentials, then exfiltrated customer loyalty data including SSNs and driver's licences. Caesars paid roughly $15 million ransom; the FBI later froze a substantial portion of the funds with Chainalysis assistance.
MOVEit Transfer mass exploitation (Cl0p)
Cl0p exploited CVE-2023-34362 in Progress Software's MOVEit Transfer to mass-extort over 2,700 organizations, including the BBC, British Airways, and the U.S. Department of Energy.
Xplain Play ransomware and Swiss federal documents leak (2023)
Play ransomware breached Swiss IT services provider Xplain, exfiltrating 1.3 million files. Approximately 65,000 documents belonging to the Swiss Federal Administration — including classified content, personal data, and readable passwords — were published on Play's dark-web leak site in June 2023.
Microsoft Storm-0558 signing-key theft and US government email access (2023)
China-based Storm-0558 forged authentication tokens using a stolen Microsoft consumer signing key and read email at approximately 25 organisations — including the US State Department, the Department of Commerce, and the U.S. Ambassador to China. The 'cascade of errors' that enabled it became a defining case for cloud-provider key custody.
Latitude Financial Services data breach
Australian consumer-credit lender Latitude Financial disclosed that attackers had exfiltrated 14 million records — including 7.9 million driver's licence numbers and 53,000 passport numbers — via credentials stolen from a service provider.
Indigo Books LockBit ransomware
LockBit affiliates encrypted Canada's largest bookseller, taking the website and in-store payment systems offline for weeks. Indigo publicly refused the ransom; LockBit published employee personal data.
Royal Mail LockBit ransomware
LockBit affiliates encrypted Royal Mail's international export systems, halting all overseas postal services from the U.K. for six weeks. Royal Mail publicly refused the £65.7M ransom demand; LockBit progressively leaked exfiltrated data.
2022
10 incidentsAIIMS Delhi ransomware
Ransomware encrypted the All India Institute of Medical Sciences in New Delhi — India's most prestigious public hospital — taking patient registration and clinical records offline for two weeks during peak winter patient load.
Medibank ransomware (REvil-affiliated)
Russian-speaking attackers exfiltrated full health-claim records on 9.7 million current and former Medibank customers, then released them in tranches on the dark web after the Australian insurer refused to pay.
Optus customer data breach
An unauthenticated API endpoint exposed personal data of 9.8 million current and former Optus customers — names, dates of birth, passport and driver's licence numbers — to a single anonymous attacker.
LastPass two-stage breach and customer vault theft (2022)
An August 2022 source-code theft from one LastPass developer's laptop chained into a November 2022 compromise of a DevOps engineer's personal computer — yielding access to backups of customer password vaults. Federal investigators later linked LastPass-stolen vaults to a $150 million crypto heist.
Continental AG LockBit ransomware (Germany, 2022)
LockBit operators infiltrated parts of German auto-parts giant Continental AG's IT systems in August 2022. Containment was initially declared, but in November the group put 40 terabytes of stolen Continental data on its dark-web leak site, offered for sale or destruction for $50 million.
Albania HomeLand Justice destructive wiper (Iran MOIS, 2022)
Iran's Ministry of Intelligence and Security, operating as 'HomeLand Justice', spent 14 months dwelling in Albanian government networks before launching ransomware-style file encryption and disk-wiping malware. Albania suspended online public services and became the first country in history to sever diplomatic ties with another state over a cyberattack.
Conti ransomware attack on the Government of Costa Rica
Conti encrypted 27 Costa Rican government institutions including the Ministry of Finance, paralyzing tax collection and customs for months. President Chaves declared a national emergency — the first cyber-incident state of emergency in history.
Ronin Bridge heist
Lazarus operators compromised five of nine Ronin validator nodes and forged withdrawal signatures, draining 173,600 ETH and 25.5 million USDC (~$625M) — the largest cryptocurrency theft on record at the time.
Toyota Kojima Industries supply-chain cyberattack (2022)
An attack on Toyota plastics-and-electronics supplier Kojima Industries paralysed one server enough to halt production at all 14 of Toyota's Japanese plants — about 13,000 vehicles of daily output — making the case the canonical example of just-in-time manufacturing's cyber-fragility.
Viasat KA-SAT AcidRain wiper
One hour before Russia's invasion of Ukraine, Sandworm operators deployed the AcidRain wiper against Viasat KA-SAT satellite modems, bricking ~30,000 European terminals and 5,800 German wind turbines and disabling Ukrainian military command-and-control.
2021
10 incidentsArgentina RENAPER national ID database breach (2021)
An attacker used a compromised government VPN account to query Argentina's RENAPER national ID database for all 45 million Argentines. Photos and ID details for the president, soccer star Lionel Messi, and other public figures were posted to Twitter as proof. The data went on sale on a dark-web forum.
Hillel Yaffe Medical Center DeepBlueMagic ransomware (Israel, 2021)
DeepBlueMagic ransomware — attributed by Israeli officials to a Chinese criminal group — hit Hillel Yaffe Medical Center in Hadera, becoming the first known successful ransomware attack on an Israeli healthcare entity. Recovery extended for months. Israeli authorities subsequently reported a wave of follow-on attempts against nine more hospitals.
T-Mobile US data breach (Binns)
A 21-year-old American living in Turkey, John Binns, claimed to have hacked T-Mobile via an exposed GGSN router and exfiltrated personal data on 76.6 million current, former, and prospective customers.
Transnet 'Death Kitty' ransomware (South Africa, 2021)
A ransomware attack on South Africa's state-owned logistics firm Transnet shut down operations at Durban, Ngqura, Port Elizabeth and Cape Town container terminals, forcing the operator to declare force majeure. Durban — 60% of Southern Africa's containerised trade — reverted to paper-based clearance for cargo for a week.
Kaseya VSA supply-chain ransomware (REvil)
REvil affiliates exploited a SQL injection zero-day in Kaseya's VSA remote-management platform to push ransomware to ~60 MSPs and through them to ~1,500 downstream organisations. The largest supply-chain ransomware attack on record.
JBS Foods REvil ransomware
REvil affiliates encrypted the world's largest meat processor, shutting down beef and pork plants across the U.S., Canada, and Australia. JBS paid an $11 million ransom — one of the largest publicly-confirmed ransomware payments at the time.
HSE Ireland ransomware (Conti)
Conti ransomware paralysed Ireland's Health Service Executive, forcing cancellation of outpatient appointments nationwide for weeks. Conti released the decryptor for free; recovery still cost an estimated €100M+.
HSE Ireland Conti ransomware national healthcare shutdown (2021)
Conti operators tricked an HSE user into downloading a booby-trapped Excel attachment; the resulting ransomware forced the Health Service Executive to shut down all of Ireland's healthcare IT systems and exfiltrated 700 GB including COVID-19 vaccination PHI. Recovery cost exceeded €100 million.
Colonial Pipeline ransomware (DarkSide)
A reused VPN password let DarkSide encrypt Colonial Pipeline's billing systems. The operator shut down 5,500 miles of fuel pipeline for six days, paid $4.4M, and triggered a federal emergency.
CD Projekt Red HelloKitty ransomware and source-code theft (2021)
HelloKitty ransomware encrypted CD Projekt Red devices and exfiltrated source code for Cyberpunk 2077, The Witcher 3, Gwent, and an unreleased version of The Witcher 3. CDPR refused to pay; the data was auctioned and reportedly sold to a private buyer.
2020
4 incidentsSolarWinds SUNBURST supply-chain compromise (Cozy Bear)
Russian SVR operators trojanized SolarWinds Orion build infrastructure, distributing a backdoored update to 18,000 customers including the U.S. Treasury, Commerce, DHS, State, and Energy departments. The defining state cyberespionage operation of the decade.
Vastaamo psychotherapy data breach and patient extortion (Finland, 2020)
Records on approximately 33,000 patients of Finnish psychotherapy provider Vastaamo were stolen in 2018 from an unencrypted database with no root password. After failed company-extortion in October 2020, the attacker sent ransom demands to ~30,000 patients directly. Founder later acquitted; Aleksanteri Kivimäki convicted and sentenced to 6 years 3 months.
Garmin WastedLocker ransomware (Evil Corp)
Evil Corp deployed the WastedLocker ransomware against Garmin, taking flyGarmin aviation services, Garmin Connect, and inReach satellite messaging offline for five days. Garmin paid an estimated $10M ransom despite OFAC sanctions on Evil Corp.
Picanol Group ransomware production halt (Belgium, 2020)
A ransomware attack paralysed weaving-machine manufacturer Picanol's plants in Ieper (Belgium), Romania, and China, halting production for ~2,300 employees for over a week. Trading in Picanol shares was suspended during the disruption.
2019
6 incidentsTravelex Sodinokibi ransomware and collapse (2019–2020)
REvil/Sodinokibi operators detonated against Travelex on New Year's Eve 2019 after dwelling in the network for six months via an unpatched Pulse Secure VPN. Travelex paid $2.3 million; parent Finablr failed; PwC put Travelex into administration with the loss of over 1,300 jobs.
Maastricht University Clop ransomware (Netherlands, 2019)
TA505 used Clop ransomware to encrypt 267 Maastricht University servers over Christmas 2019 after two phishing emails on 15–16 October had compromised the network. The university paid 30 BTC (~$220,000). The ransom Bitcoin — later seized from a money mule — was returned and had appreciated, leaving the university ahead by ~$300,000.
Pemex DoppelPaymer ransomware (Mexico, 2019)
DoppelPaymer ransomware paralysed corporate IT systems at Mexican state oil company Pemex, freezing payments and communications for weeks. Attackers demanded 565 BTC (~$5M). Pemex refused to pay; total recovery cost reached approximately $71 million.
Capital One cloud misconfiguration breach
Former AWS engineer Paige Thompson exploited a misconfigured Web Application Firewall to extract personal data on roughly 106 million Capital One credit-card applicants and customers from S3.
Desjardins insider data breach
An insider at Desjardins — the largest financial cooperative in Canada — exfiltrated personal data on 9.7 million members and businesses over two years before being caught. The defining Canadian insider-threat case.
Norsk Hydro LockerGoga ransomware
Aluminium producer Norsk Hydro lost most of its global IT estate to the LockerGoga ransomware. Hydro publicly refused to pay, ran operations on paper for weeks, and set the editorial standard for transparent incident communication.
2018
5 incidentsMarriott / Starwood guest data breach
Chinese state-attributed operators sat undetected on Starwood's guest reservation database from 2014, surviving Marriott's 2016 acquisition. Disclosed 2018: 500 million guest records exposed, including 5.25 million unencrypted passport numbers.
British Airways Magecart card-skimming
Magecart operators injected card-skimming JavaScript into British Airways' payment page, stealing card details on 380,000 transactions over 15 days. UK ICO initially proposed a £183.4M GDPR fine — later reduced to £20M after Covid-impact mitigation arguments.
SingHealth data breach
Chinese state-attributed actors exfiltrated personal and outpatient medication records on 1.5 million SingHealth patients — including Prime Minister Lee Hsien Loong — in Singapore's most serious cyber incident.
Coincheck NEM heist
Tokyo-based cryptocurrency exchange Coincheck lost 523 million NEM tokens (~$530M at the time) from a hot wallet that had no multi-signature protection. The largest single crypto-exchange theft at the time — later attributed to North Korea's Lazarus Group.
Aadhaar database exposure
Tribune India journalists demonstrated that paid intermediaries could provide full Aadhaar records — including biometric-linked identity data on roughly 1.1 billion Indian residents — for 500 rupees per record.
2017
3 incidentsEquifax data breach
An unpatched Apache Struts vulnerability let attackers exfiltrate Social Security numbers, dates of birth, addresses, and driver's license numbers for 147 million U.S., U.K., and Canadian consumers.
NotPetya destructive wiper
A destructive wiper disguised as ransomware, propagated via a compromised Ukrainian accounting software update. Estimated $10 billion in global damage — the most economically destructive cyberattack in history.
WannaCry ransomware worm
A North Korean ransomware worm that exploited the EternalBlue SMB vulnerability to spread to ~200,000 systems across 150 countries in 24 hours. Paralysed the U.K.'s NHS and crippled manufacturing globally.
2016
4 incidentsLeak at Dailymotion
85 million people username email address Password hashes
Yahoo data breaches (3 billion accounts)
Two separate breaches — disclosed in 2016 but stretching back to 2013 and 2014 — exposed every Yahoo account in existence. Three billion accounts: the largest single-company data exposure in history.
Democratic National Committee hack
Russian GRU Units 26165 (APT28) and 31165 (APT29) compromised the Democratic National Committee, Hillary Clinton campaign, and DCCC. Stolen emails were selectively released via 'DCLeaks', 'Guccifer 2.0', and WikiLeaks to influence the 2016 U.S. presidential election.
Bangladesh Bank SWIFT heist
Lazarus operators sent fraudulent SWIFT instructions through the New York Fed to wire $951 million out of Bangladesh Bank's reserve account. A typo on one transfer stopped $850M; $81M still escaped to Philippine casinos.
2015
5 incidentsUkraine power grid attack — Sandworm BlackEnergy (2015)
The Russia-linked Sandworm group used spear-phishing, BlackEnergy3, and KillDisk to remotely flip breakers at three Ukrainian regional electricity distribution companies, cutting power to approximately 230,000 customers for 1–6 hours. It is the first publicly acknowledged successful cyberattack on an electric power grid in history.
TalkTalk customer data breach
An SQL injection attack — committed primarily by four British teenagers — exposed personal data on roughly 157,000 TalkTalk customers including bank account details. Triggered a record £400,000 UK ICO fine.
U.S. Office of Personnel Management breach
Chinese state operators exfiltrated background-investigation forms (SF-86s) for 21.5 million U.S. federal employees and contractors — the most-damaging intelligence-loss cyber incident in U.S. government history.
German Bundestag intrusion (APT28)
Russian GRU Unit 26165 (APT28 / Fancy Bear) compromised the Bundestag's parliamentary network, exfiltrating ~16 GB of data including emails from Chancellor Merkel's parliamentary office. Forced a full Bundestag IT estate rebuild.
Anthem Inc. data breach
Chinese state-attributed actors exfiltrated personal data on 78.8 million current and former Anthem health insurance customers — at the time the largest healthcare-sector breach in U.S. history.