France has just been the victim of a new wave of unprecedented cyberattacks. Many French sports federations, but also the energy supplier e.Leclerc, were targeted. In total, we are talking about more than 4.5 million pieces of data compromised!
In terms of cyberattacks, France has not been spared in 2024, far from it. It’s simple, just between September 2024 and November 2024, we counted more than one thirty cyberattacks carried out against French companies or institutions.
We think, for example, of the terrible cyberattack directed against Free at the end of October 2024. A hacker managed to steal the data of more than 19 million Freebox and Free Mobile subscribers. A few weeks earlier, customer data from Boulanger, Cultura, Truffaut and Cybertek were compromised during a massive leak.
Unfortunately, 2025 will not put an end to this succession of data leaks. As reported by renowned hacker SaaX sur X, France is once again targeted by an unprecedented wave of cyberattacks. Among the victims of the day, we include E.Leclercthe energy supplier of the famous mass retail brand.
E.Leclerc, latest victim in a long list
Since this Thursday, the French company has started sending emails to its customers (current and former) to inform them of a “fraudulent attempt to access Primes Énergies E.Leclerc accounts”. In its email, the brand specifies that “some information may have been exposednamely: surname, first name, email address, access identifiers, file number, amount of the premium, wording of service”.
-The icing on the cake, Leclerc recommends to its clients to change your password on all services for which you use similar identifiers. A roundabout way of saying that passwords were also compromised in this leak…
Several French sports federations affected
But that's not all. We also learn thanks to SaaX that several French sports federations have been targeted by a hacker with the nickname “TheFrenchGuy”. According to the hacker's information, the culprit attacked an IT service provider in charge of the data of licensees and managers of several French federations. In fact, here is the complete list of federations concerned and the number of people impacted:
- French Boxing Federation : more than 620,264 users affected
- French Motorsport Federation : more than 361,740 users affected
- French Motorcycling Federation : more than 462,912 users affected
- Sports and Cultural Federation of France : more than a million and 334,442 users affected
- French Mountaineering and Climbing Federation : more than 808,881 users affected
- French Force Federation : more than 64,512 users affected
In total, more than 4.5 million pieces of data would have been stolen during this operation. On this subject, “TheFrenchGuy” has already been put up for sale on the dark web 8 databasesone for each federation concerned… We would find the names/first names, email addresses, date of birth, email addresses, postal addresses, identifiers and telephone numbers of the licensees and employees of these federations.
According to SaaX, the authenticity of the data recovered is almost certain in view of the samples provided by the hacker as evidence. For now, some databases have been put up for auction, while others are up for sale to the highest bidder. In any case, you will have to be extremely vigilant in the days/weeks to come if you are one of the unfortunate victims. For good reason, This data will inevitably be used to set up phishing campaigns or various scams.
