ADVERTISEMENT

Over 90 million French records exposed: mysterious data hoarder leaves instances open

A massive leak has exposed 95 million records belonging to French citizens. The compromised phone numbers, email addresses, and partial payment information leave them vulnerable to targeted cyberattacks.

French data leak research

Image by Cybernews.

Ernestas Naprys
Ernestas Naprys Senior Journalist
Sep 25, 2024 Updated: 14 February 2026 4 min read
data-leak-french

What was in the leak?

ADVERTISEMENT
  • Lyca scrappe.txt. Likely refers to scraped data from Lycamobile, a mobile network operator.
  • Pandabuy-Email.txt. Appears to be related to Pandabuy, possibly a breach involving customer email data.
  • darty.com.txt. May refer to a breach involving Darty, a French electronics retailer.
  • discord_1_2024.txt. Indicates a potential breach or scrape related to Discord, a popular communication platform.
  • dvm.txt. The specific company is unclear. It may relate to a service or entity with the initials DVM.
  • electro-depot.fr.txt. Points to an alleged breach involving Electro Depot, a French electronics and appliance retailer.
  • db_vandb.txt. Likely related to V and B (Vins & Bières), a French retailer of wine and beer.
  • Snapchat SQL.txt. Suggests a breach involving Snapchat, particularly data extracted via SQL queries.
  • frsfr.txt. Unclear, may relate to a French service with the abbreviation “FRS.”
  • go-sport.com-export.txt. Refers to Go Sport, a French sporting goods retailer.
  • intersport-scrapped.fr.txt. Indicates scraped data from Intersport, another sports goods retailer in France.
  • ldlc.txt. Points to an alleged compromise involving LDLC, a French online electronics retailer.
  • corsegsm.com.txt. Related to Corse GSM, a Corsican mobile operator.
  • pinterest.txt. Refers to Pinterest, the social media platform.
  • minecraft.fr-forum.txt. Indicates a compromise allegedly involving a French Minecraft forum.
  • sfr.fr.txt: appears to be related to a breach involving SFR, a major French telecommunications company.
  • shadow.tech.txt. Refers to Shadow, a cloud computing service.
  • sport2000_a.txt. The information that was exposed likely refers to Sport 2000, a sporting goods retailer.
  • wakanim.txt. Indicates a leak from Wakanim, an anime streaming service.
  • rinaorc_authme.txt. Suggests the data is from Rinaorc, a Minecraft server or service using the AuthMe plugin for authentication.
french-leak-passwords

Sensitive information can lead to potential harm

  • Use secure data storage: Enforce strong authentication and access controls.
  • Conduct regular security audits: Monitor cloud infrastructure to identify and mitigate vulnerabilities.
  • Disclosure and communication: Notify affected companies and individuals promptly about the exposure and provide guidance on protecting their data.
  • Limit data collection: Collect only what’s absolutely necessary for business operations.
  • Review data aggregation practices: Reassess the security and necessity of aggregating large datasets.
  • Ensure compliance with GDPR: As well as other relevant data protection regulations.
  • Implement breach detection mechanisms: Detect unauthorized access or misconfigurations in real-time.
ADVERTISEMENT