A huge database containing tens of millions of French citizens’ records has been discovered sitting openly on a cloud server.
According to researchers at Cybernews, the archive appears to combine data from at least five separate breaches – including voter information, healthcare registries, financial profiles and vehicle data.
In total, it is believed to contain around almost 45 million records.
Here is what we know so far – and why it matters.
Cybernews say the database included:
- 23+ million entries linked to voter or demographic registries, including full names, addresses and dates of birth
- Around 9.2 million records, reportedly linked to France’s RPPS/ADELI professional healthcare registries
- More than 6 million CRM-style contact records
Approximately 6 million financial profiles, including IBANs and BICs connected to French banks - Vehicle registration and insurance information.
Rather than a single company being hacked, this appears to be a compiled database, built by someone who gathered data from multiple previous breaches and merged it into one searchable resource.
Researchers believe it was likely created by a criminal data broker looking to increase the resale value of the stolen information. The server has since been secured.
Why this type of database is so dangerous
When separate breaches are combined into a single dataset, the risk to individuals increases significantly.
On their own, a name and email address might enable spam. But when linked to other information such as your full name, home address and banking identifiers, cybercriminals start to build a powerful identity profile.
That level of cross-linked information can enable:
- Targeted phishing attacks
- Identity theft
- Loan or credit fraud
- Bank transfer scams
- Highly convincing impersonation attempts.
For example, a fraudster could send an email that appears to come from your bank, correctly referencing your full name, postcode and even the bank you use. That level of detail makes the message feel legitimate and increases the chance someone clicks a malicious link or shares further information.
Could this involve people in the UK?
The database reportedly relates to French citizens and French systems. However, your information could potentially have been included in one of the original breaches that fed into this database if you:
- Lived in France
- Have dual nationality
- Worked there
- Used French financial or healthcare services.
A wider pattern: data brokers and repackaged breaches
This is not the only French data breach on our radar right now. Retailer ManoMano is currently in the news after it confirmed that customer data was accessed following a cyberattack. 37.8 million user accounts might be compromised in this breach.
In this case, the incident may affect tens of millions of users across Europe – including the UK.
If you’ve used manomano.co.uk to buy tools, garden equipment or home improvement products, and reached out to the retailer for customer support, you could be at risk.
If evidence emerges that UK residents have been impacted and a claim route becomes available with one of our trusted law firm partners, we will explain it clearly – in plain English – so you can decide what to do next.
Join the Claim connects consumers with SRA-regulated lawyers. Visit the claim page to check your eligibility if a claim is open with one of our trusted legal partners. If a group action has not yet been launched, you can register your interest and we’ll keep you informed if a partner firm decides to take a claim forward.
