Skip to content

Incidents from

2025

Data breachContained

Leak at French Speleology Federation

On 31 December 2024 the French Speleology Federation (FFS) disclosed a data leak from its insurance-subscription portal, exposing members' identity, contact details, nationality, profession and licence numbers as part of a wider wave of attacks on French sports federations.

Victim
French Speleology Federation
Data breachOngoing

Data leak at UniversitΓ© de Lille

On 29 December 2025, a record of 7,244 UniversitΓ© de Lille students β€” reportedly from an IUT Informatique internship database β€” was posted on BreachForums by an actor using the LAPSUS$ name, exposing names, dates of birth, postal addresses, emails and phone numbers.

Victim
UniversitΓ© de Lille
Records
7.2K
Data breachResolved

WhiteDate data breach (2025)

In December 2025, the dating website "for a Europid vision" WhiteDate suffered a data breach that was subsequently leaked online, initially exposing 6.1k unique email addresses. The leaked data included extensive personal information such as physical appearance, income, education and IQ.

Victim
WhiteDate
Records
20.4K
Data breachOngoing

Leak at Allegro Musique

On 28 December 2025, a database of 161,412 members of French at-home music-lesson provider Allegro Musique was leaked, exposing names, postal addresses, emails, phone numbers, social security numbers and registration details.

Victim
Allegro Musique
Records
161.4K
Data breachContained

Leak at Batterie de Portable

On 28 Dec 2025, French e-commerce retailer Batteriedeportable (Aubagne) disclosed a November cyberattack that exposed customer identity and contact data β€” names, dates of birth, postal/email addresses and phone numbers. It claims over a million European customers.

Victim
Batterie de Portable
Data breachUnknown

Leak at Europages

On 28 December 2025, a database of 205,403 B2B prospects from European business directory Europages was reported leaked, exposing contact and company-registration details (names, job titles, employers, postal and email addresses, phone numbers, SIRET and VAT identifiers).

Victim
Europages
Records
205.4K
Data breachOngoing

Leak at ENI

In December 2025, the French operations of Italian energy group ENI suffered a data breach claimed by the Lapsus$ group, exposing professional contact details for tens of thousands of business customers; ENI confirmed the incident and notified the CNIL.

Victim
ENI
Data breachContained

Leak at HelloWork

In late December 2025, French recruitment platform HelloWork disclosed that data on roughly 2.8 million jobseekers β€” names, emails and professional-profile details β€” was scraped from its CV library via a fraudulently used recruiter account and offered for sale online.

Victim
HelloWork
Records
2.8M
Data breachUnknown

Leak at PayTrip

On 27 December 2025, French money-transfer fintech PayTrip suffered a data breach exposing data on 74,877 customers, including names, contact details, IBANs and account balances, later circulated online by a threat actor.

Victim
PayTrip
Records
74.9K
RansomwareContained

Leak at Commune de Lens

In late December 2025, the town hall of Lens (Pas-de-Calais, France) disclosed an intrusion into its information system that paralysed municipal services for about a week, blocking staff software and telephone lines; the attack vector was undisclosed and data theft was not confirmed.

Victim
Commune de Lens
Data breachUnknown

Leak at French Kick Boxing Federation

In late December 2025, the French Kick Boxing Federation (FFKMDA) had its member database leaked on BreachForums, exposing 361,321 licensees' names, dates of birth, nationalities, contact details, postal addresses and licence records across 2015-2026 seasons.

Victim
French Kick Boxing Federation
Records
361.3K
Data breachContained

Leak at Mondial Relay

In December 2025, French parcel-delivery firm Mondial Relay disclosed a cyberattack in which attackers accessed customer and shipment data β€” names, emails, postal addresses, phone numbers and parcel-tracking details; a dark-web actor claimed roughly 25.7 million records.

Victim
Mondial Relay
Data breachUnknown

Leak at Nouvelle Lune

On 26 December 2025, a customer database from French online boutique Nouvelle Lune was leaked, exposing personal data for roughly 161 customers, including names, email and postal addresses, and order history.

Victim
Nouvelle Lune
Data breachContained

Leak at French Swimming Federation

Data on roughly 1.3 million members of the French Swimming Federation (FFN) was put up for sale on BreachForums on 23 December 2025 after its Extranat management platform was breached, exposing identity details, contact information and licence numbers.

Victim
French Swimming Federation
Records
1.3M
Data breachUnknown

Leak at 123 casting

On 22 December 2025, a database of roughly 240,000 users of French casting platform 123casting was published on BreachForums, exposing identities, contact details, MD5-hashed passwords, physical measurements, ethnic origin, photo/video books, private messages and payment data.

Victim
123 casting
Records
240.0K
Data breachContained

Leak at Altitude Infra

Altitude Infra, a major French independent fiber-optic infrastructure operator, had ~5.76 GB (52 files) stolen from a partner extranet and offered for sale online, exposing network documentation, ISP-partner files and end-customer eligibility data across its 3M+ connected locations.

Victim
Altitude Infra
Data breachUnknown

Leak at justice.fr

On 22 December 2025 a database attributed to the French justice system (justice.fr) recirculated online, exposing personal, professional and banking data β€” including IBAN/BIC β€” of 1,100+ magistrates, judges, lawyers and judicial staff.

Victim
justice.fr
Data breachContained

Leak at Chronopost

In December 2025, a 680 MB dataset on ~860,000 Chronopost customers β€” names, emails and parcel details scraped from the La Poste Pickup relay-point network β€” was published on BreachForums; the data covered shipments from spring 2025.

Victim
Chronopost
Records
860.0K
Data breachUnknown

Leak at La Licra

On 19 December 2025, a data leak at French anti-racism association La Licra (LICRA) exposed the email addresses and hashed passwords of 186 website subscribers and 8 administrators.

Victim
La Licra
Data breachContained

Leak at the French Ministry of Sports

On 19 December 2025 France's Ministry of Sports confirmed a breach of a system tied to the Pass'Sport aid scheme, exposing data on about 3.5 million households β€” names, dates of birth, contact details, social security, INE and CAF numbers β€” published on a criminal forum.

Victim
French Ministry of Sports
Data breachContained

Leak at Red by SFR

In December 2025, French telecom operator SFR disclosed a data breach affecting Red by SFR customers, exposing names, postal and email addresses, phone numbers and customer reference numbers after an internal fiber-connection management tool was compromised.

Victim
Red by SFR
Data breachUnknown

Leak at Parashop

On 17 December 2025, a leak of customer data from French parapharmacy retailer Parashop was disclosed, exposing personal records including full names, dates of birth and postal addresses.

Victim
Parashop
Data breachResolved

Pass'Sport data breach (2025)

In December 2025, data from France's Pass'Sport program was posted to a popular hacking forum. Initially misattributed to CAF (the French family allowance fund), the data contained 6.5M unique email addresses affecting 3.5M households.

Victim
Pass'Sport
Records
6.4M
Data breachResolved

APOIA.se data breach (2025)

In December 2025, a database of the Brazilian crowdfunding platform APOIA.se was posted to an online forum. In January 2026, the company confirmed it had suffered a data breach. The incident exposed 451k unique email addresses along with names and physical addresses.

Victim
APOIA.se
Records
450.8K
Supply chainOngoing

Leak at PornHub

On 16 December 2025, adult-content platform Pornhub disclosed that historical analytics data on select Premium users β€” including email addresses and search/viewing history β€” was stolen via third-party provider Mixpanel; ShinyHunters claimed ~200 million records and demanded a ransom.

Victim
PornHub
Data breachContained

Data leak at SoundCloud

In December 2025, music-streaming platform SoundCloud disclosed a breach in which an attacker abused an internal system to map roughly 29.8 million private email addresses to public profile data β€” about 20% of its users; no passwords or payment data were taken.

Victim
SoundCloud
Records
29.8M
Data breachResolved

Raaga data breach (2025)

In December 2025, data allegedly breached from the Indian streaming music service "Raaga" was posted for sale to a popular hacking forum. The data contained 10M unique email addresses along with names, genders, ages (in some cases, full date of birth), postcodes and passwords stored as unsalted MD5…

Victim
Raaga
Records
10.2M
Data breachContained

Leak at the French Ministry of the Interior

In December 2025, attackers compromised professional email accounts at France's Ministry of the Interior and accessed sensitive police files including the TAJ criminal-records and FPR wanted-persons databases; the ministry confirmed a few dozen files were exfiltrated while attackers claimed data on 16.4 million people.

Victim
French Ministry of the Interior
Data breachUnknown

Leak at Euromatik

On 12 December 2025, customer data from French roller-shutter and home-automation retailer Euromatik was exposed in a breach, including names, postal and email addresses, phone numbers, order and contract details, and hashed passwords.

Victim
Euromatik
Data breachUnknown

Leak at France Ventilation

On 12 December 2025, France Ventilation, a French ventilation and air-treatment specialist, disclosed a data breach that exposed customers' payment card details β€” card number, expiration date and CVV β€” raising a direct risk of banking fraud.

Victim
France Ventilation
Data breachContained

Leak at French Cycling Federation

On 10 December 2025, the FΓ©dΓ©ration FranΓ§aise de Cyclisme detected an intrusion (via stolen credentials/infostealers, no MFA) exposing licensees' names, dates of birth, nationality, postal addresses, emails and phone numbers; group Dumpsec also claimed to hold ID documents.

Victim
French Cycling Federation
Supply chainContained

Data leak at UFOLEP (via Exalto)

On 10 December 2025, UFOLEP β€” the French multi-sport federation β€” disclosed that a compromised account on its third-party licence-management provider Exalto exposed at least 3,624 member records, including identity, contact and legal-guardian details.

Victim
UFOLEP
Records
3.6K
Data breachResolved

Dragonica Lunaris data breach (2025)

In December 2025, the European Dragonica private server Dragonica Lunaris suffered a data breach. The incident exposed 126k email addresses, usernames, dates of birth and bcrypt password hashes. The service operator confirmed the breach and advised it has since been fixed.

Victim
Dragonica Lunaris
Records
126.3K
Supply chainContained

Leak at ASAF & AFPS (via Itelis)

Members of insurer ASAF & AFPS had personal data exposed after a breach at Itelis, the optical-care network processing their claims; names, dates of birth, social security numbers, claim records and vision-correction data from 2020-2022 were affected.

Victim
ASAF & AFPS
Data breachContained

Leak at Cuisinella

In December 2025, French kitchen retailer Cuisinella (Schmidt Groupe) disclosed that an unauthorized third party accessed customer contact details β€” title, first name, last name, phone number and email address β€” for thousands of customers; no bank, address or password data was exposed.

Victim
Cuisinella
Data breachContained

Leak at French Handball Federation (via GestHand)

In early December 2025, the French Handball Federation (FFHandball) disclosed that its GestHand administrative platform β€” used by some 2,400 clubs, committees and leagues β€” was breached via compromised credentials, exposing licensees' names, gender, dates of birth, emails and phone numbers.

Victim
French Handball Federation
Data breachContained

Leak at Schmidt

In early December 2025, French kitchen and home-furnishing group Schmidt (brands Schmidt and Cuisinella) disclosed that an unauthorized third party had accessed the contact details of thousands of customers and prospects β€” title, name, first name, phone number and email address.

Victim
Schmidt
Data breachContained

Leak at MΓ©decin Direct

MΓ©decinDirect, the French teleconsultation platform (a Teladoc Health subsidiary), disclosed on 3 December 2025 a data breach detected on 28 November exposing the personal and health data of around 285,000 patients, with a threat actor claiming up to 323,069 records.

Victim
MΓ©decin Direct
Data breachContained

Leak at Leroy Merlin

In December 2025, French DIY retailer Leroy Merlin disclosed a cyberattack that exposed the loyalty-program data of several hundred thousand French customers, including names, contact details, postal addresses and dates of birth; no banking data or passwords were affected.

Victim
Leroy Merlin
Data breachContained

Leak at France Travail

On 1 December 2025, France Travail and the Missions Locales network disclosed that an attacker who hijacked a local-mission agent's account accessed records of about 1.6 million young people, exposing names, dates of birth, social security numbers and contact details.

Victim
France Travail
Records
1.6M
RansomwareOngoing

Leak at La Centrale du Financement

A threat actor exfiltrated around 387 GB of data (some 411,000 files) from French mortgage and credit broker La Centrale de Financement, exposing highly sensitive customer KYC documents, financial records and internal files, then offered the dataset for sale after failed extortion negotiations.

Victim
La Centrale du Financement
Supply chainContained

Leak at AG2R la Mondiale (via Itelis)

Disclosed in November 2025, a cyberattack on Itelis β€” the optical-care third-party network used by insurer AG2R la Mondiale β€” exposed beneficiaries' names, dates of birth, social security numbers, reimbursement records and vision-correction data for optical coverage handled between 2020 and early 2022.

Victim
AG2R la Mondiale
Data breachContained

Leak at French Dance Federation

In November 2025, the French Dance Federation (FFDanse) suffered a cyberattack on its extranet that damaged the server and exposed licence-holders' personal data, including names, dates of birth, contact details, licence numbers and hashed passwords; no medical or banking data was affected.

Victim
French Dance Federation
Data breachContained

Leak at Itelis

In November 2025, Itelis β€” a French optical health-care network linked to AXA β€” disclosed a breach exposing roughly 1.6 million beneficiaries' identity and optical-reimbursement data, including names, dates of birth and social security numbers.

Victim
Itelis
Data breachUnknown

Leak at ProxiServe

On 25 November 2025, a database belonging to French residential maintenance firm ProxiServe surfaced on a hacker forum, exposing personal and service data on 294,639 customers, including names, emails, postal addresses and details of home interventions.

Victim
ProxiServe
Records
294.6K
Supply chainContained

Leak at APRS (via Itelis)

APRS members were exposed in the November 2025 breach of Itelis, AXA's third-party optical-care platform, after an attacker posed as a partner optician; leaked data included names, dates of birth, social security numbers, optical reimbursement records and vision-correction details.

Victim
APRS
Supply chainContained

Leak at Quimper town hall (via RDV360)

In November 2025, the city of Quimper (France) was caught in a supply-chain breach of appointment-booking provider RDV360, exposing roughly 12,000 contact records (name, postal code, email, phone) of residents who booked ID-card or passport renewals since April 2024.

Victim
Quimper town hall
Records
12.0K
Data breachContained

Leak at Colis PrivΓ©

In November 2025, French parcel-delivery firm Colis PrivΓ© disclosed unauthorized access to part of its systems that exposed customer contact data β€” names, postal and email addresses and phone numbers. A threat actor advertised a dataset reportedly running to tens of millions of rows; no passwords or banking data were affected.

Victim
Colis PrivΓ©
RansomwareOngoing

Leak at Michelin

In November 2025, the Cl0p extortion gang listed French tyre maker Michelin on its leak site, claiming to have stolen internal manufacturing, engineering, supply-chain, financial and HR files via the Oracle E-Business Suite zero-day (CVE-2025-61882).

Victim
Michelin
Data breachContained

Leak at Murfy

In November 2025, French home-appliance repair and refurbishment company Murfy disclosed a data breach exposing the personal data of around 294,000 customers β€” names, email and postal addresses, phone numbers and service-history details β€” but no banking data or passwords.

Victim
Murfy
Records
294.1K
Supply chainContained

Data leak at Suzuki

Suzuki France disclosed that a cyberattack on one of its third-party partner systems exposed a customer file containing names, email addresses, postal addresses and phone numbers; no financial data or passwords were affected.

Victim
Suzuki
Data breachOngoing

Leak at Resana

On 18 November 2025, users of Resana β€” France's interministerial collaborative platform run by DINUM β€” were notified of a data exfiltration after attackers logged in with a compromised account. Up to roughly one million public agents were potentially exposed, triggering ransom emails to civil servants.

Victim
Resana
Supply chainContained

Data leak at Synbird

In November 2025, Synbird β€” the SaaS provider handling municipal appointment bookings for around 1,300 French communes β€” disclosed a breach in which an attacker abused a weakly-secured PDF export to exfiltrate residents' contact details and appointment information.

Victim
Synbird
Data breachContained

Leak at Eurofiber

In November 2025, Dutch fibre-network operator Eurofiber's French unit was breached via an SQL-injection flaw in its outdated GLPI ticketing system, exposing technical and credential data tied to more than 3,600 customer organisations, including major firms and public bodies.

Victim
Eurofiber
Data breachContained

Leak at Pajemploi

In November 2025, Pajemploi β€” the Urssaf service used by French households to declare and pay childcare workers β€” disclosed a data theft affecting up to 1.2 million employees, exposing names, social security numbers, dates/places of birth, postal addresses and Pajemploi/accreditation numbers.

Victim
Pajemploi
Records
1.2M
Data breachResolved

Under Armour data breach (2025)

In November 2025, the Everest ransomware group claimed to have stolen 343GB of data from apparel maker Under Armour. After no ransom was paid, customer data was leaked in January 2026, exposing roughly 72.7 million unique email addresses with names, dates of birth, genders, locations and purchase histories. This is a separate incident from the 2018 MyFitnessPal breach.

Victim
Under Armour
Records
72.7M
Data breachResolved

CodeStepByStep data breach (2025)

In November 2025, the online coding practice tool CodeStepByStep suffered a data breach that exposed 17k records which were subsequently published online. The following month, a further corpus of data was released bringing the total to 103k.

Victim
CodeStepByStep
Records
103.1K
Data breachResolved

Operation Endgame 3.0 data breach (2025)

Between 10 and 13 November 2025, the latest phase of Operation Endgame was coordinated from Europol's headquarters in The Hague. The actions targeted one of the biggest infostealer Rhadamanthys, the Remote Access Trojan VenomRAT, and the botnet Elysium, all of which played a key role in…

Victim
Operation Endgame 3.0
Records
2.0M
Data breachContained

Data leak at Weda

On 12 November 2025, French medical-software publisher Weda disclosed a cyberattack in which compromised practitioner credentials (stolen by infostealer malware) gave attackers unauthorized access to its patient-record platform, potentially exposing sensitive medical data for tens of thousands of healthcare professionals.

Victim
Weda
Data breachContained

Leak at French Cardiology Federation

Around 11 November 2025, the FΓ©dΓ©ration FranΓ§aise de Cardiologie disclosed that an unauthorized intrusion into its IT systems exposed members' personal data β€” including names, postal and email addresses, phone numbers and passwords. No banking or medical data was compromised.

Victim
French Cardiology Federation
Data breachResolved

International Kiteboarding Organization data breach (2025)

In November 2025, the International Kiteboarding Organization suffered a data breach that exposed 340k user records. The data was subsequently listed for sale on a hacking forum and included email addresses, names, usernames and in many cases, the user's city and country.

Victim
International Kiteboarding Organization
Records
340.3K
Data breachUnknown

Leak at Oui Heberg

On 10 November 2025, French web-hosting and VPS provider OuiHeberg was reported to have leaked customer contact records β€” names, email addresses, phone numbers and postal addresses β€” following a security incident affecting its infrastructure.

Victim
Oui Heberg
Data breachResolved

Beckett Collectibles data breach (2025)

In November 2025, Beckett Collectibles experienced a data breach accompanied by website content defacement. The stolen data was later advertised for sale on a prominent hacking forum, with portions subsequently released publicly.

Victim
Beckett Collectibles
Records
1.0M
Data breachUnknown

Leak at MYM

In November 2025, a database of around 5 million records from French adult-content subscription platform MYM was published on a cybercrime forum, exposing creators' and subscribers' names, emails, postal addresses, phone numbers, IP addresses, birthdates and MD5-hashed passwords; the data traces back to a 2021 compromise.

Victim
MYM
Records
5.0M
Data breachResolved

Zilvia.net data breach (2025)

In November 2025, data breached from the Zilvia.net Nissan 240SX Silvia and Z Fairlady car forum was leaked. The breach exposed 288k unique email addresses along with usernames, IP addresses and salted MD5 password hashes sourced from the vBulletin based platform.

Victim
Zilvia.net
Records
287.9K
Data breachResolved

University of Pennsylvania data breach (2025)

In October 2025, the University of Pennsylvania was the victim of a data breach followed by a ransom demand, largely affecting its donor database. After the incident, the attackers sent inflammatory emails to some victims.

Victim
University of Pennsylvania
Records
623.8K
Credential stuffingOngoing

Leak at France Travail

In late October 2025, France Travail β€” France's public employment agency β€” disclosed a breach in which attackers used credentials harvested by infostealer malware to access job-seeker accounts and exfiltrate sensitive personal, identity and financial data; about 16,479 affected records were catalogued.

Victim
France Travail
RansomwareContained

Leak at Poltronesofa

On 27 October 2025, Italian sofa and furniture retailer PoltronesofΓ  suffered a ransomware attack that encrypted its servers and exposed personal data of thousands of customers, including names, postal addresses, emails, phone numbers and tax identification numbers; no banking data was affected.

Victim
Poltronesofa
Data breachResolved

MyVidster (2025) data breach (2025)

In October 2025, the data of almost 4M MyVidster users was posted to a public hacking forum. Separate to the 2015 breach, this incident exposed usernames, email addresses and in a small number of cases, profile photos.

Victim
MyVidster (2025)
Records
3.9M
Data breachResolved

Substack data breach (2025)

In October 2025, the publishing platform Substack suffered a data breach that was subsequently circulated more widely in February 2026. The breach exposed 663k account holder records containing email addresses along with publicly visible profile information from Substack accounts, such as…

Victim
Substack
Records
663.1K
Data breachOngoing

Leak at Regional Health Agencies of Île-de-France, Auvergne, Rhône-Alpes, Hauts-de-France, Pays de la Loire and Normandie

A September 2025 cyberattack on regional health-identity platforms used by several French Regional Health Agencies (ARS) exposed patient identity data; an attacker claimed roughly 35 million patient records across 130+ public hospitals, later offered for sale by the DumpSec group.

Victim
Regional Health Agencies of Île-de-France, Auvergne, Rhône-Alpes, Hauts-de-France, Pays de la Loire and Normandie
Supply chainContained

Leak at Mango

In October 2025, Spanish fashion retailer Mango disclosed that an external marketing service provider was breached, exposing customers' first name, country, postal code, email address and phone number; no passwords or banking data were affected.

Victim
Mango
RansomwareOngoing

Leak at Hauts-de-France high schools

Ransomware group Qilin attacked the IT systems of public high schools run by France's Hauts-de-France region in October 2025, paralysing some 80% of around 269 schools and claiming over 1 TB of stolen data including students' ID documents, CVs and academic transcripts.

Victim
Hauts-de-France high schools
Data breachContained

Leak at France Travail

On 6 October 2025, France Travail β€” France's national public employment agency β€” was hit by one of several 2025 data leaks, with personal records of roughly 5,500 job seekers exposed, including names, France Travail IDs, registration categories, email addresses, RSA welfare status and CIR identifiers.

Victim
France Travail
Data breachResolved

TISZA VilΓ‘g data breach (2025)

In late October 2025, data breached from the Hungarian political party TISZA was published online before being extensively redistributed. Stemming from a compromise of the TISZA VilΓ‘g service earlier in the month, the breach exposed 200k records of personal data including email addresses along with…

Victim
TISZA VilΓ‘g
Records
198.5K
Supply chainContained

Leak at Discord

On 4 October 2025 Discord disclosed a breach of a third-party customer-support provider that exposed support-ticket data and roughly 70,000 government-ID photos (submitted for age-verification appeals), plus names, emails, IP addresses and partial billing details.

Victim
Discord
Records
70.0K
Data breachUnknown

Leak at France Travail

On 25 September 2025, a leak attributed to France Travail, France's public employment agency, exposed the personal data of about 9,971 job seekers, including their email addresses, names and the email address of their assigned advisor.

Victim
France Travail
Records
10.0K
Supply chainContained

Leak at La Nef

In September 2025, French ethical cooperative bank La Nef notified shareholders that their email addresses were exposed after a cyberattack on third-party voting provider SLIB; only email addresses were affected, with no banking data, IDs or passwords compromised.

Victim
La Nef
Supply chainContained

Leak at Inovie Labosud

On 23 September 2025, French medical-lab group Inovie Labosud disclosed a breach exposing administrative and medical data of an estimated 3.2 million patients after attackers used a third-party provider's stolen credentials.

Victim
Inovie Labosud
Records
3.2M
Data breachContained

Leak at Digital Charging Solutions

In September 2025, EV-charging billing provider Digital Charging Solutions disclosed that a contracted third-party service provider had accessed customer records without authorization, exposing names and email addresses of an initial single-digit number of affected users.

Victim
Digital Charging Solutions
Data breachOngoing

Leak at French Table Tennis Federation

On 19 September 2025, the French Table Tennis Federation (FFTT) disclosed a data breach in which an attacker used a compromised account to bulk-extract member records, exposing the personal data of as many as 254,000 licensees, though no banking or health data.

Victim
French Table Tennis Federation
Data breachContained

Leak at Clarins

French luxury skincare group Clarins confirmed in September 2025 that the Everest extortion gang had exfiltrated contact details of customers in France, the US and Canada; the actor claimed over 600,000 records, with no financial data affected.

Victim
Clarins
Records
600.0K
Data breachContained

Leak at Plex

On 9 September 2025, media-streaming software company Plex disclosed that an unauthorized third party had accessed one of its databases, exposing user emails, usernames, securely hashed passwords and authentication data, and forcing an account-wide password reset.

Victim
Plex
Data breachResolved

WIRED data breach (2025)

In December 2025, 2.3M records of WIRED magazine users allegedly obtained from parent company CondΓ© Nast were published online. The most recent data dated back to the previous September and exposed email addresses and display names, as well as, for a small number of users, their name, phone number,…

Victim
WIRED
Records
2.4M
Data breachUnknown

Leak at Eklo

On 3 September 2025, a data leak was claimed affecting Eklo, a French budget and eco-friendly hotel chain. Details on the volume and exact categories of exposed customer data remain unverified.

Victim
Eklo
Data breachUnknown

Data leak at Syma Mobile

In September 2025, a database of 117,963 Syma Mobile customers β€” exposing names, dates of birth, postal and email addresses, phone numbers and ID-document details β€” was put up for sale on a dark-web forum alongside other French datasets.

Victim
Syma Mobile
Records
118.0K
Data breachResolved

Prosper data breach (2025)

In September 2025, Prosper announced that it had detected unauthorised access to their systems, which resulted in the exposure of customer and applicant information. The data breach impacted 17.6M unique email addresses, along with other customer information, including US Social Security numbers.

Victim
Prosper
Records
17.6M
Data breachResolved

Artists&Clients data breach (2025)

In August 2025, the "marketplace that connects artists to prospective clients" Artists&Clients, suffered a data breach and subsequent ransom demand of US$50k.

Victim
Artists&Clients
Records
95.4K
Data breachContained

Leak at Auchan

In August 2025, French retailer Auchan disclosed a breach exposing personal data of several hundred thousand Waaoh loyalty-program customers β€” names, titles, postal and email addresses, phone numbers and loyalty card numbers; bank data and PINs were not affected.

Victim
Auchan
Social engineeringContained

Leak at Google

In August 2025, Google confirmed that a Salesforce CRM instance holding contact data for small-business Google Ads prospects was breached by ShinyHunters (UNC6040) via a vishing attack, exposing roughly 2.55 million records of business names, emails and phone numbers.

Victim
Google
Records
2.5M
RansomwareUnknown

Leak at Partner Immo

On 13 August 2025, Partner Immo, a French provider of online property- and condominium-management software, was reported as the target of a ransomware/data-leak incident; the exact scope and exposed data were not publicly confirmed.

Victim
Partner Immo
Supply chainContained

Leak at Alltricks

In August 2025, French online cycling and sports retailer Alltricks had its Sendinblue/Brevo email-marketing system compromised; attackers sent customers convincing phishing emails from the brand's own infrastructure, exposing names, email addresses and purchase history.

Victim
Alltricks
Data breachContained

Leak at France Travail

On 12 August 2025, France Travail, France's public employment agency, disclosed unauthorized access to its employer-facing job portal that exposed the contact details of business users β€” names, email addresses, phone numbers and an internal technical identifier.

Victim
France Travail
Data breachResolved

BreachForums (2025) data breach (2025)

In October 2025, a reincarnation of the hacking forum BreachForums, which had previously been shut down multiple times, was taken offline by a coalition of law enforcement agencies.

Victim
BreachForums (2025)
Records
672.2K
Data breachResolved

Giglio data breach (2025)

In August 2025, over 1M unique email addresses appeared in a breach allegedly obtained from Italian fashion designer Giglio. The data also included names, phone numbers and physical addresses. Giglio did not respond to repeated attempts to disclose the incident.

Victim
Giglio
Records
1.0M
Data breachContained

Leak at Optic 2000

In early August 2025, French optician chain Optic 2000 was hit by a cyberattack β€” confirmed on 30 July 2025 and affecting four stores around Paris β€” that exposed customer records including names, social security numbers, dates of birth, postal addresses, phone numbers and optician details.

Victim
Optic 2000
Supply chainContained

Leak at Air France

In August 2025, Air France-KLM disclosed that attackers accessed customer data β€” names, contact details, Flying Blue loyalty numbers and status, and customer-service request subjects β€” via a compromised third-party customer-service platform.

Victim
Air France
Data breachContained

Leak at Bouygues Telecom

On 6 August 2025, French telecom operator Bouygues Telecom disclosed a cyberattack that exposed personal data of 6.4 million customer accounts, including contact details, contractual data, civil status and IBANs (no card numbers or passwords).

Victim
Bouygues Telecom
Records
6.4M
Supply chainContained

Leak at Pandora

In August 2025, Danish jewelry maker Pandora disclosed a breach of a third-party CRM platform (Salesforce) in which attackers stole customer contact data β€” names, email addresses and birth dates β€” while stating no passwords or payment data were taken.

Victim
Pandora
Data breachResolved

Pi-hole data breach (2025)

In July 2025, a vulnerability in the GiveWP WordPress plugin exposed the names and email addresses of approximately 30k donors to the Pi-hole network-wide ad blocking project. Pi-hole subsequently self-submitted the list of impacted donors to HIBP.

Victim
Pi-hole
Records
29.9K
Data breachResolved

Hello Cake data breach (2025)

In July 2025, the sexual healthcare product maker Hello Cake suffered a data breach. The data was subsequently posted on a public hacking forum and included 23k unique email addresses along with names, phone numbers, physical addresses, dates of birth and purchases.

Victim
Hello Cake
Records
22.9K
RansomwareContained

Leak at Orange

On 25 July 2025, French telecom group Orange detected unauthorized access to one of its information systems; the Warlock ransomware group later claimed the attack and published about 4 GB of data, which Orange described as outdated or low-sensitivity.

Victim
Orange
Supply chainContained

Leak at France Travail

France Travail disclosed on 22 July 2025 that an intrusion via its Kairos platform exposed the personal data of around 340,000 job seekers, including names, postal and email addresses, phone numbers, France Travail IDs and jobseeker status; passwords and bank details were not affected.

Victim
France Travail
Records
340.0K
RansomwareOngoing

Leak at Groupe 5Γ Sec

The DragonForce ransomware group claimed a July 2025 attack on French dry-cleaning chain 5Γ Sec, exfiltrating roughly 290 GB of data β€” SQL production and test databases spanning the group's France, Switzerland, Luxembourg, Spain and Portugal operations β€” and published it after the company declined to pay.

Victim
Groupe 5Γ Sec
Data breachResolved

Allianz Life data breach (2025)

In July 2025, Allianz Life was the victim of a cyber attack which resulted in millions of records later being leaked online. Allianz attributed the attack to "a social engineering technique" which targeted data on Salesforce and resulted in the exposure of 1.1M unique email addresses, names,…

Victim
Allianz Life
Records
1.1M
Data breachContained

Leak at Louis Vuitton

In July 2025, French luxury brand Louis Vuitton disclosed that an unauthorized third party had accessed customer data β€” names, contact details, postal addresses, dates of birth and purchase history β€” as part of a global breach affecting clients in France, South Korea and other markets; no payment data was exposed.

Victim
Louis Vuitton
Data breachResolved

Canada Goose data breach (2025)

In February 2026, a data breach allegedly containing data relating to Canada Goose customers was published publicly. The data contained 920k records with 582k unique email addresses and included names, phone numbers, IP addresses, physical addresses and partial credit card data, specifically card…

Victim
Canada Goose
Records
581.9K
Social engineeringContained

C&M Software Pix heist (Brazil, 2025)

A junior developer at C&M Software β€” a Central Bank-authorized provider of Pix instant-payment connectivity β€” was paid roughly R$5,000 to hand over credentials. Attackers used the access to drain approximately R$800 million ($148 million) from reserve accounts at six Brazilian financial institutions in 2.5 hours.

Victim
C&M Software (Pix payment infrastructure provider)
Loss
$148.0M
Data breachResolved

TheSqua.re data breach (2025)

In June 2025, 107k unique customer email addresses were allegedly obtained from TheSqua.re, the "easiest way to find your next serviced apartment". The data also included names, phone numbers and cities which were subsequently posted to a popular hacking forum.

Victim
TheSqua.re
Records
107.0K
Data breachResolved

MaReads data breach (2025)

In June 2025, MaReads, the website for readers and writers of Thai-language fiction and comics suffered a data breach that exposed 74k records. The breach included usernames, email addresses, phone numbers and dates of birth. MaReads is aware of the breach.

Victim
MaReads
Records
74.5K
RansomwareOngoing

Leak at Disneyland

In June 2025, the Anubis ransomware gang claimed a 64GB leak of ~39,000 confidential files from Disneyland Paris β€” engineering plans and behind-the-scenes photos/videos of park attractions β€” said to be stolen via a compromised third-party contractor.

Victim
Disneyland
Data breachContained

Leak at HΓ΄pital privΓ© de la Loire

A cyberattack on HΓ΄pital privΓ© de la Loire (Ramsay SantΓ©) in Saint-Γ‰tienne, France exposed personal data of up to 530,000 patients, including identity details, social-security numbers (NIR), ID documents and consultation records, after a hacker used stolen physician credentials.

Victim
HΓ΄pital privΓ© de la Loire
Data breachResolved

Data Troll Stealer Logs data breach (2025)

In June 2025, headlines erupted over a "16 billion password" breach. In reality, the dataset was a compilation of publicly accessible stealer logs, mostly repurposed from older leaks, with only a small portion of genuinely new material.

Victim
Data Troll Stealer Logs
Records
109.5M
Data breachResolved

Catwatchful data breach (2025)

In June 2025, spyware maker Catwatchful suffered a data breach that exposed over 60k customer records. The breach was due to a SQL injection vulnerability that enabled email addresses and plain text passwords to be extracted from the system.

Victim
Catwatchful
Records
61.6K
Data breachResolved

Omnicuris data breach (2025)

In June 2025, the Indian CME platform Omnicuris suffered a data breach that exposed approximately 200k records of healthcare professionals. The data included names, email addresses, phone numbers, geographic locations and other data attributes relating to professional expertise and training…

Victim
Omnicuris
Records
215.3K
Data breachContained

Leak at Cartier

In June 2025, luxury jeweller Cartier (Richemont) disclosed a data breach in which attackers accessed customer records β€” names, email addresses and country of residence β€” though no passwords, payment or banking data were exposed.

Victim
Cartier
Data breachUnknown

Leak at Kaviari

On 3 June 2025, a customer database belonging to Kaviari, the Paris-based luxury caviar and premium seafood house, was reported leaked, exposing shoppers' names, contact details, dates of birth, account credentials and order histories.

Victim
Kaviari
Data breachinvestigating

Morocco ANCFCC land registry data leak

Weeks after the CNSS breach, the hacktivist Jabaroot leaked roughly 4 terabytes of data β€” millions of property certificates, title deeds, ID cards, passports, and banking documents β€” from Morocco's national land conservation agency ANCFCC.

Victim
Agence Nationale de la Conservation Foncière, du Cadastre et de la Cartographie (ANCFCC)
Records
4.0M
Data breachContained

Leak at Autosur

Autosur, a major French vehicle-inspection network, suffered a data breach exposing personal and vehicle records of millions of customers β€” names, emails, postal addresses, phone numbers, license plates and vehicle details β€” advertised for sale on a cybercrime forum.

Victim
Autosur
Data breachResolved

ColoCrossing data breach (2025)

In May 2025, hosting provider ColoCrossing identified a data breach that impacted customers of their ColoCloud virtual server product. ColoCrossing advised the incident was isolated to their cloud/VPS platform and stemmed from a single sign-on vulnerability.

Victim
ColoCrossing
Records
7.2K
Data breachResolved

Operation Endgame 2.0 data breach (2025)

In May 2025, a coalition of law enforcement agencies took down the criminal infrastructure behind the malware used to launch ransomware attacks in a new phase of "Operation Endgame".

Victim
Operation Endgame 2.0
Records
15.4M
Data breachContained

Leak at Dior

On 13 May 2025, luxury fashion house Christian Dior Couture (LVMH) began notifying customers β€” first in Asia β€” that an intrusion discovered on 7 May exposed names, contact details, purchase histories and marketing preferences; no bank or payment-card data was affected.

Victim
Dior
Data breachUnknown

Leak at Pulsy

Patient data managed by Pulsy, the regional e-health operator (GRADeS) for France's Grand Est region, was reported leaked on 13 May 2025, exposing identity details, contacts and sensitive health information including care pathways and hospitalisation records.

Victim
Pulsy
Data breachResolved

Ualabee data breach (2025)

In May 2025, the South American mobility services platform Ualabee had hundreds of thousands of records scraped from an interface on their platform. The data included 472k unique email addresses along with names, profile photos, dates of birth and phone numbers.

Victim
Ualabee
Records
472.3K
Data breachResolved

Creams Cafe data breach (2025)

In May 2025, 160k records of customer data was allegedly obtained from Creams Cafe, "the UK's favourite dessert parlour". The data included email and physical addresses, names and phone numbers.

Victim
Creams Cafe
Records
159.7K
Data breachContained

Leak at Carrefour Mobile

In April 2025, Carrefour Mobile, the Belgian MVNO of the Carrefour retail group, suffered a data breach exposing personal data of about 64,000 customers, including names, contact details, home addresses, portal passwords and, for some, passport numbers.

Victim
Carrefour Mobile
Records
64.0K
Data breachContained

Leak at Easy Cash

In April 2025, French second-hand retail chain Easy Cash disclosed a breach exposing the names, first names and dates of birth of around 92,000 customers, traced to a compromised in-store workstation.

Victim
Easy Cash
Records
92.0K
Data breachContained

Leak at Indigo

In April 2025, French parking operator Indigo disclosed a breach after attackers accessed its information systems and stole customer names, postal and email addresses, phone numbers and vehicle license plates; no banking data or passwords were affected.

Victim
Indigo
Supply chainContained

Leak at Afflelou

In April 2025, French optical and hearing-aid retailer Alain Afflelou disclosed a breach caused by a vulnerability at a third-party CRM provider, exposing the personal and commercial data of thousands of customers and prospects.

Victim
Afflelou
Supply chainResolved

Leak at Hertz

On 15 April 2025, car-rental company Hertz disclosed a data breach stemming from the late-2024 zero-day exploitation of Cleo's file-transfer software by the CL0P group, exposing customer names, contact details, dates of birth, driver's licences, credit-card and passport data.

Victim
Hertz
RansomwareOngoing

Leak at Harvest

Harvest, a French wealth-management software editor, was hit by a Run Some Wares ransomware double-extortion attack disclosed in April 2025; internal and client files were exfiltrated and published, reportedly exposing data on tens of thousands of individuals and thousands of companies.

Victim
Harvest
Data breachResolved

Synthient Stealer Log Threat Data data breach (2025)

During 2025, Synthient aggregated billions of records of "threat data" from various internet sources. The data contained 183M unique email addresses alongside the websites they were entered into and the passwords used.

Victim
Synthient Stealer Log Threat Data
Records
183.0M
Data breachResolved

Morocco CNSS social security data leak

A hacktivist using the alias Jabaroot leaked more than 53,000 PDF files and CSV databases from Morocco's National Social Security Fund, exposing national ID numbers, salaries, and banking details for nearly 2 million employees across some 500,000 companies.

Victim
Caisse Nationale de SΓ©curitΓ© Sociale (CNSS)
Loss
$4.0M
Records
2.0M
Data breachUnknown

Leak at Reporterre

A data leak disclosed on 1 April 2025 exposed personal contact details of people associated with Reporterre, the French independent environmental news outlet, including last names, first names, email addresses and postal addresses.

Victim
Reporterre
Data breachResolved

Samsung Germany Customer Tickets data breach (2025)

In March 2025, data from Samsung Germany was compromised in a data breach of their logistics provider, Spectos. Allegedly due to credentials being obtained by malware running on a Spectos employee's machine, the breach included 216k unique email addresses along with names, physical addresses, items…

Victim
Samsung Germany Customer Tickets
Records
216.3K
Supply chainContained

Leak at MAIF & BPCE

A ransomware attack on French wealth-management software vendor Harvest (Run Some Wares group, detected 27 Feb 2025) exposed personal and financial data of customers of insurer MAIF and banking group BPCE (Banque Populaire / Caisse d'Γ‰pargne) in a supply-chain breach.

Victim
MAIF & BPCE
Data breachResolved

German Doner Kebab data breach (2025)

In March 2025, data allegedly sourced from German Doner Kebab was published on a popular hacking forum. The data included 162k unique email addresses alongside names, phone numbers and physical addresses. German Doner Kebab subsequently sent a disclosure notice to impacted individuals.

Victim
German Doner Kebab
Records
162.4K
Vulnerability exploitContained

Leak at Oracle Cloud

In late March 2025, a threat actor known as 'rose87168' claimed to have stolen roughly 6 million authentication records from an Oracle Cloud SSO/LDAP endpoint, potentially affecting over 140,000 tenants; Oracle initially denied any breach before privately confirming a compromise to customers.

Victim
Oracle Cloud
Records
6.0M
Data breachUnknown

Leak at Centrale Nantes

On 26 March 2025, internal data from Centrale Nantes, a French public engineering grande Γ©cole, was reported leaked, including private reports and projects, user logins with password hashes, source code, and administrative documents.

Victim
Centrale Nantes
Data breachContained

Leak at Cerballiance

In late March 2025, French medical-laboratory network Cerballiance disclosed a data breach traced to a February intrusion on an IT provider's server, exposing administrative and some health data of patients in the PACA region, including names, social security numbers and certain test reports.

Victim
Cerballiance
Data breachResolved

Troy Hunt's Mailchimp List data breach (2025)

In March 2025, a phishing attack successfully gained access to Troy Hunt's Mailchimp account and automatically exported a list of people who had subscribed to the newsletter for his personal blog.

Victim
Troy Hunt's Mailchimp List
Records
16.6K
Data breachResolved

ADDA data breach (2025)

In March 2025, data allegedly breached from the ADDA housing societies service was posted to a public hacking forum. The data contained over 1.8M unique email addresses along with names, phone numbers and MD5 password hashes.

Victim
ADDA
Records
1.8M
Data breachContained

Leak at Autosur & Diagnosur

In March 2025, French vehicle-inspection network Autosur (Diagnosur brand) disclosed a breach exposing data on roughly 10.7 million customers β€” names, postal and email addresses, phone numbers, and detailed vehicle records including registration plates and VINs β€” later offered for sale online.

Victim
Autosur & Diagnosur
Data breachResolved

Cuties AI data breach (2025)

In March 2026, the NSFW AI companion platform Cuties AI suffered a data breach that was subsequently published to a public hacking forum. The incident exposed 144k unique email addresses along with display names, avatars, prompts and descriptions used to generate AI adult images, as well as URLs to…

Victim
Cuties AI
Records
144.3K
Data breachContained

Leak at Intersport

In March 2025, French sporting-goods retailer Intersport had data on roughly 3.4 million customers stolen via a compromised FTP server and put up for sale on BreachForums, exposing names, contact details, addresses, PayPal references and transaction history (no banking credentials).

Victim
Intersport
Records
3.4M
Supply chainContained

Leak at Direct Assurance

In March 2025, French direct insurer Direct Assurance (an AXA subsidiary) suffered a breach via its partner Run Assurance: attackers exploited a flaw in the data exchanges between the two firms to access customer personal data, raising identity-theft and phishing risks.

Victim
Direct Assurance
Data breachUnknown

Leak at LaforΓͺt

In March 2025, rental-application files held by French real estate network LaforΓͺt were exposed, leaking tenants' identity documents and bank account details (RIB) along with the rest of their dossiers.

Victim
LaforΓͺt
Data breachContained

Yale New Haven Health data breach (2025)

Suspicious network activity at Yale New Haven Health led to the largest U.S. healthcare data breach of 2025: 5.5 million patients had names, contact details, dates of birth, medical record numbers, and Social Security numbers stolen. The health system later agreed to an $18 million class-action settlement.

Victim
Yale New Haven Health System
Loss
$18.0M
Records
5.6M
Data breachContained

Data leak at UTwin

On 5 March 2025, French borrower-insurance broker UTwin notified clients that an intrusion into its IT system had temporarily exposed identity details, email addresses and phone numbers; the company said no banking, medical or contract data was affected.

Victim
UTwin
Data breachOngoing

Leak at CΓ΄tΓ© Sushi

In March 2025, French sushi-delivery chain CΓ΄tΓ© Sushi had the personal data of roughly 1.1 million customers β€” names, dates of birth, emails and phone numbers β€” scraped from its loyalty/delivery database and offered for sale on a cybercrime forum.

Victim
CΓ΄tΓ© Sushi
Records
1.1M
Data breachContained

Leak at La Poste

In March 2025, French postal operator La Poste disclosed a breach of its 'Γ‰lection du Timbre' platform exposing personal data of about 50,000 users β€” names, year of birth, email, phone and postal addresses β€” which was put up for sale online by an attacker.

Victim
La Poste
Records
50.0K
Data breachUnknown

Leak at Γ‰cole Nationale de la SΓ©curitΓ©

Disclosed on 28 February 2025, a data breach at France's Γ‰cole Nationale de la SΓ©curitΓ©, a private-security and VTC training school, exposed the personal records of roughly 30,000 trainees, including national ID numbers, social security numbers, VTC licence numbers and contact details.

Victim
Γ‰cole Nationale de la SΓ©curitΓ©
Records
30.0K
Data breachUnknown

Leak at EDF DPIH

On 28 February 2025, a threat actor claimed to have stolen a database from EDF's hydraulic generation division (DPIH), exposing power-plant intervention and maintenance plans, security inspection results and maintenance staff IDs; EDF and researchers disputed the actor's nuclear claims.

Victim
EDF DPIH
Data breachUnknown

Data leak at Zephir

On 28 February 2025, a data leak attributed to Zephir (France) exposed personal records of roughly 67,000 people, including names, email addresses, phone numbers and bank account details (IBAN).

Victim
Zephir
Data breachUnknown

Leak at Nord Emploi

On 26 February 2025, Nord Emploi β€” the Nord department's RSA return-to-employment support platform β€” was hit by a data leak exposing personal and social-support records of roughly 200,000 benefit recipients, including identity, contact, CAF/RSA and detailed welfare-accompaniment data.

Victim
Nord Emploi
Records
200.0K
Data breachContained

Leak at French Football Federation

In February 2025 the French Football Federation (FFF) suffered a data breach via a compromised account on its licensee-management platform; at least ~43,000 users had personal data exposed, including names, contact details, and copies of ID documents.

Victim
French Football Federation
Data breachUnknown

Data leak at Sport DΓ©couverte

On 17 February 2025, French sports-experience e-commerce retailer Sport DΓ©couverte (sport-decouverte.com) was reported breached, with a database of roughly 488,000 customer accounts β€” names, dates of birth, phone numbers and email addresses β€” exposed.

Victim
Sport DΓ©couverte
Records
488.0K
Data breachResolved

ALIEN TXTBASE Stealer Logs data breach (2025)

In February 2025, 23 billion rows of stealer logs were obtained from a Telegram channel known as ALIEN TXTBASE. The data contained 284M unique email addresses alongside the websites they were entered into and the passwords used.

Victim
ALIEN TXTBASE Stealer Logs
Records
284.1M
Data breachResolved

Adpost data breach (2025)

In February 2025, data obtained from an earlier Adpost breach surfaced. The dataset contained 3.3M records including email addresses, usernames, and display names. Adpost later published a disclosure notice and advised they'd forced a credential refresh, among other actions.

Victim
Adpost
Records
3.3M
Data breachResolved

Cocospy data breach (2025)

In February 2025, the spyware service Cocospy suffered a data breach along with sibling spyware service, Spyic. The Cocospy breach alone exposed almost 1.8M customer email addresses which were provided to HIBP, and reportedly also enabled unauthorised access to captured messages, photos, call logs,…

Victim
Cocospy
Records
1.8M
Data breachResolved

Spyic data breach (2025)

In February 2025, the spyware service Spyic suffered a data breach along with sibling spyware service, Cocospy. The Spyic breach alone exposed almost 876k customer email addresses which were provided to HIBP, and reportedly also enabled unauthorised access to captured messages, photos, call logs,…

Victim
Spyic
Records
876.0K
Data breachContained

Leak at Mutuelle des Motards

In February 2025, French motorcycle insurer Mutuelle des Motards suffered a breach of a marketing contact database, exposing names, email addresses, phone numbers and postal codes of more than 1.3 million members.

Victim
Mutuelle des Motards
Records
1.3M
Data breachContained

Leak at Chronopost

Chronopost, the French express parcel carrier, confirmed in February 2025 that an intrusion detected on 29 January 2025 exposed personal data of around 210,000 customers, including names, postal addresses, phone numbers and delivery signatures.

Victim
Chronopost
Records
210.0K
Data breachContained

Leak at King Jouet

In February 2025, French toy retailer King Jouet was hit by a breach of its online order-tracking interface; a hacker claimed 4.3 million records, but the company said fewer than 25,000 customers across two stores had names, contact details and order information exposed.

Victim
King Jouet
Data breachResolved

Lexipol data breach (2025)

In February 2025, the public safety policy management systems company Lexipol suffered a data breach. Attributed to the self-proclaimed "Puppygirl Hacker Polycule", the breach exposed an extensive number of documents and user records which were subsequently published publicly.

Victim
Lexipol
Records
672.5K
Supply chainContained

Leak at Espace-Recettes.fr Vorwerk

In early February 2025, Vorwerk's Thermomix recipe community Espace-Recettes.fr (Rezeptwelt) was breached via a compromised third-party server, exposing names, postal addresses, emails, phone numbers, dates of birth and cooking preferences of roughly 3.3 million users across several countries.

Victim
Espace-Recettes.fr Vorwerk
Data breachResolved

Thermomix Recipe World Forum data breach (2025)

In January 2025, the Rezeptwelt (German for "recipe world") forum for Thermomix owners suffered a data breach. The incident exposed 3.1M registered users' details including names, email and physical addresses, phone numbers, dates of birth and bios (usually cooking related).

Victim
Thermomix Recipe World Forum
Records
3.1M
Data breachContained

Leak at AIDES

On 27 January 2025, French HIV/hepatitis-prevention charity AIDES disclosed a breach of a secured file-sharing server, exposing supporters' identity, contact and banking details (IBAN) and, for some, health-related information.

Victim
AIDES
Data breachResolved

Doxbin Scrape data breach (2025)

In January 2025, 435k email addresses were scraped from the "doxing" service Doxbin. Posts to the service are usually intended to disclose the personal information of non-consensually third parties.

Victim
Doxbin Scrape
Records
435.8K
Data breachContained

Leak at E.Leclerc

In January 2025, E.Leclerc's Prime Γ©nergie (energy-rebate) platform was hit by fraudulent account access, exposing customers' names, email addresses, login credentials, file numbers, rebate amounts and service descriptions; the breach was disclosed to affected users on 24 January 2025.

Victim
E.Leclerc
Data breachResolved

Frame & Optic data breach (2025)

In January 2025, the eyewear seller Frame & Optic suffered a data breach. The incident exposed almost 16k unique email addresses along with names, phone numbers and geolocation data including country, state and postcode.

Victim
Frame & Optic
Records
15.7K
Supply chainUnknown

Leak at French Strength Federation

In January 2025, the FΓ©dΓ©ration FranΓ§aise de Force (FFForce) had personal data of 64,512 members exposed via a compromised shared sports-licensing IT provider; records (names, dates of birth, emails, postal addresses, phone numbers) were later sold on BreachForums.

Victim
French Strength Federation
Records
64.5K
Supply chainContained

Leak at French Roller Skateboard Federation

In January 2025, the FΓ©dΓ©ration FranΓ§aise de Roller et Skateboard had the personal data of roughly 577,000 members exposed after a shared sports-federation IT provider was compromised; names, dates of birth, email/postal addresses and phone numbers were leaked.

Victim
French Roller Skateboard Federation
Records
577.1K
Credential stuffingContained

Leak at Kiabi

In January 2025, French clothing retailer Kiabi disclosed a credential-stuffing attack on its secondhand site (secondemain.kiabi.com) that exposed the names, dates of birth, contact details and IBANs of about 20,000 customers.

Victim
Kiabi
Records
20.0K
Data breachResolved

Stealer Logs, Jan 2025 data breach (2025)

In January 2025, stealer logs with 71M email addresses were added to HIBP. Consisting of email address, password and the website the credentials were entered against, this breach marks the launch of a new HIBP feature enabling the retrieval of the specific websites the logs were collected against.

Victim
Stealer Logs, Jan 2025
Records
71.0M
Data breachResolved

LandAirSea data breach (2025)

In January 2025, the GPS tracking service LandAirSea suffered a data breach that exposed 337k unique customer email addresses alongside names, usernames and password hashes.

Victim
LandAirSea
Records
337.4K
Data breachContained

TelefΓ³nica Hellcat infostealer-to-Jira breach (Spain, 2025)

Infostealer malware on the endpoints of 15+ TelefΓ³nica employees gave the Hellcat ransomware group credentials into the company's internal Jira ticketing system. Social-engineering escalated the access to SSH. The group did not extort β€” it publicly published 2.3 GB including 24,000 employee emails, 470,000 internal Jira tickets, and 5,000 internal documents.

Victim
TelefΓ³nica
Records
500.0K
Data breachResolved

Scholastic data breach (2025)

In January 2025, a data breach of the publishing company Scholastic surfaced. The breach contained 4.2M unique email addresses with many of the records also including name, phone number and physical address.

Victim
Scholastic
Records
4.2M