Massive Data Breach at Colis Privé Exposes Personal Information of Over 10 Million French Citizens
In a troubling escalation of last year’s cyberattack on Colis Privé, a cybersecurity expert known as seblatombe revealed that the personal data of over 10 million French citizens including 500 public sector employees has surfaced on the dark web. The exposed information, now freely accessible, includes names, postal and email addresses, phone numbers, and package details (type, weight, and status), raising serious concerns about targeted fraud and identity theft.
The breach originated in November 2023, when Colis Privé disclosed a "limited unauthorized access" to its systems, initially downplaying the incident by stating that no financial data, passwords, or sensitive information had been compromised. However, seblatombe’s findings confirm that 22 million records far exceeding the company’s initial assessment are now circulating in underground forums. Among the victims are government employees from agencies such as the Ministry of the Interior, Education, and the Gendarmerie, identifiable by their professional email addresses.
The leaked data, which remains recent (dating to the November breach), provides cybercriminals with a trove of details to craft highly convincing phishing scams. Fraudsters could impersonate trusted entities, using real package numbers or personal information to deceive victims into clicking malicious links or divulging further sensitive data. The risk extends to SMS-based scams and identity fraud, with attackers potentially leveraging the exposed details to bypass security measures.
Colis Privé has yet to respond to requests for comment on the latest developments. The incident underscores the long-term fallout of data breaches, where initial assurances of limited exposure often prove inaccurate as stolen information resurfaces in criminal markets.
Colis Privé cybersecurity rating report: https://www.rankiteo.com/company/colis-prive
"id": "COL1768237988",
"linkid": "colis-prive",
"type": "Breach",
"date": "1/2026",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': 'Over 10 million French citizens',
'industry': 'Logistics/Parcel Delivery',
'location': 'France',
'name': 'Colis Privé',
'type': 'Company'}],
'customer_advisories': 'Customers notified via email about the breach and '
'advised to be cautious of phishing attempts.',
'data_breach': {'data_encryption': 'No',
'data_exfiltration': 'Yes',
'number_of_records_exposed': 'Over 22 million',
'personally_identifiable_information': ['Names',
'Addresses',
'Email Addresses',
'Phone Numbers',
'Professional Email '
'Addresses (for '
'public agents)'],
'sensitivity_of_data': 'Moderate to High',
'type_of_data_compromised': ['Personal Identifiable '
'Information',
'Shipment Details']},
'date_detected': '2023-11',
'date_publicly_disclosed': '2023-11',
'description': 'Colis Privé suffered a cyberattack leading to unauthorized '
'access to customer data, which was later found on the dark '
'web. Over 10 million French citizens, including over 500 '
'public sector agents, were affected. The exposed data '
'includes personal and shipment details, increasing the risk '
'of phishing and identity theft.',
'impact': {'brand_reputation_impact': 'High',
'data_compromised': 'Over 22 million records',
'identity_theft_risk': 'High',
'payment_information_risk': 'None'},
'initial_access_broker': {'data_sold_on_dark_web': 'Yes'},
'investigation_status': 'Ongoing',
'motivation': 'Data Exfiltration',
'recommendations': 'Customers should be vigilant for phishing attempts, '
'verify sender email addresses, and watch for '
'spelling/grammar errors in communications. Avoid clicking '
'on suspicious links or sharing personal information.',
'references': [{'source': 'seblatombe (X/Twitter)'},
{'source': 'Clément Domingo (Ethical Hacker)'},
{'source': 'Tech&Co'}],
'response': {'communication_strategy': 'Email notification to customers'},
'title': 'Colis Privé Data Breach and Dark Web Exposure',
'type': 'Data Breach'}