Attackers claim theft of 183M records from major oil company

Published: 16 January 2026
Last updated: 16 January 2026
TotalEnergies logo on a persons back
Image by Alain Pitton via Getty Images.

TotalEnergies, a French energy and petroleum behemoth, has supposedly suffered a data breach, exposing tens of millions of records. While the perpetrators' claims are hardly trustworthy, they have started posting customer data on the social platform X.

Key takeaways:
  • Attackers claim they stole 183 million records from French energy giant TotalEnergies.
  • Stolen data allegedly includes bank account numbers, emails, addresses, and phone numbers of French customers.
  • Cybercriminals posted data samples on social media, though the full database size remains unverified.
Key Takeaways by nexos.ai, reviewed by Cybernews staff.

Malicious actors announced the alleged attack on a popular data leak forum, which cybercriminals use to trade in stolen data. The attackers claim that they’ve obtained an extensive database with nearly 184 million records.

ADVERTISEMENT

TotalEnergies is one of the world’s largest energy companies, grouped under the “big oil” umbrella, with a revenue of nearly $200 billion. We’ve reached out to the company for comment and will update this article once we receive a reply.

According to the cybercriminals, the exposed details include:

  • Emails
  • Client IDs
  • Bank account numbers
  • Home addresses
  • Phone numbers
  • Other personal details
TotalEnergies data breach claims
Forum post announcing the alleged data leak. Image by Cybernews.

Based on the post, it would appear that the data may come from TotalEnergies’ French website, which customers use to register for energy utilities. If confirmed, the attack would increase cybersecurity risks for affected individuals, including identity theft and phishing.

The Cybernews research team looked into the attackers’ claims, noting they provided several lines of records. While the data attackers provided could be legitimate, cybercriminals who claim access to tens of millions of records often provide thousands of records as proof of access to larger databases.

Erratic hacker behavior

The attackers, who call themselves HawkSec, appear very keen to peddle the data. For example, the hacker collective X account started posting screenshots that appear to show personal customer details.

ADVERTISEMENT

However, it’s impossible to verify the data’s legitimacy at this point. So far, the attackers have shared at least two posts allegedly containing TotalEnergies’ French customers' data.

jurgita justinasv Izabelė Pukėnaitė vilius Ernestas Naprys Gintaras Radauskas
Don't miss our latest stories on Google News. Add us as your Preferred Source on Google
Follow us

Meanwhile, our researchers note that HawkSec’s behavior caught the attention of the admins of the data leak forum, who warned the attacker several times for failing to comply with the forum’s rules. This behavior could signal desperation to sell the data or general inexperience in cybercrime.

The same attacker collective took credit for several attacks on large brands this week. The hacker collective said it had obtained 78M records from Discord and over a million records from Orange Rwanda. Neither company has confirmed a data breach so far.

Unlock more exclusive Cybernews content on YouTube.

Share
Post
Share
Share
Share
More from Cybernews
Meta confirms: critical vulnerability in account recovery tool exposed over 20K Instagram users
UK to use AI to prepare for AI-induced employment challenges
Dark web drug vendor gets 26 years for selling fentanyl and meth
Meta escalates legal battle with Israeli spyware firm NSO over WhatsApp attacks
UK PM Starmer set to ban social media for Under-16s
OpenAI plans biggest ChatGPT overhaul ahead of listing
ADVERTISEMENT
Leave a Reply

Your email address will not be published. Required fields are markedmarked