Paris-based Sorbonne Université had its employees' data purportedly compromised following a cybersecurity incident , reports Cybernews
Analysis of a data sample shared by attackers revealed 32,000 employee entries, including full names, job positions, departments, email addresses, contract types, salaries, ZIP codes, and internal codes, according to Cybernews researchers, who noted that other information touted to have been stolen was absent. Threat actors previously alleged stealing bank account numbers, digital payslips, salary transfer details, Social Security numbers, sick leave documents, CVs, diplomas, and cover letters, as well as employee listings, internal directories, and assignment tables.
"The most likely potential impact is data abuse for social engineering attacks. If it is true that the threat actor has banking and social security information of the employees, there is also a risk for financial fraud and identity theft," said researchers. Sorbonne Université has yet to comment on the claimed breach.
Source: https://www.scworld.com/brief/sorbonne-universit-allegedly-subjected-to-major-hack
SORBONNE VENTURE cybersecurity rating report: https://www.rankiteo.com/company/sorbonne-venture
"id": "SOR1764707878",
"linkid": "sorbonne-venture",
"type": "Breach",
"date": "12/2025",
"severity": "85",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"{'incident': {'affected_entities': [{'customers_affected': '32,000 employees',
'industry': 'Education',
'location': 'Paris, France',
'name': 'Sorbonne Université',
'size': None,
'type': 'University'}],
'data_breach': {'data_encryption': None,
'data_exfiltration': 'Alleged',
'file_types_exposed': None,
'number_of_records_exposed': '32,000',
'personally_identifiable_information': 'Full '
'names, '
'email '
'addresses, '
'Social '
'Security '
'numbers, '
'ZIP '
'codes, '
'job '
'positions, '
'departments, '
'contract '
'types, '
'salaries, '
'internal '
'codes',
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Personal '
'Identifiable '
'Information',
'Financial '
'Information',
'Employment Records',
'Educational '
'Records']},
'description': 'Paris-based Sorbonne Université had its '
"employees' data purportedly compromised "
'following a cybersecurity incident. Analysis of '
'a data sample shared by attackers revealed '
'32,000 employee entries, including full names, '
'job positions, departments, email addresses, '
'contract types, salaries, ZIP codes, and '
'internal codes. Threat actors previously alleged '
'stealing bank account numbers, digital payslips, '
'salary transfer details, Social Security '
'numbers, sick leave documents, CVs, diplomas, '
'and cover letters, as well as employee listings, '
'internal directories, and assignment tables.',
'impact': {'brand_reputation_impact': None,
'conversion_rate_impact': None,
'customer_complaints': None,
'data_compromised': '32,000 employee entries, '
'including full names, job '
'positions, departments, email '
'addresses, contract types, '
'salaries, ZIP codes, internal '
'codes, bank account numbers, '
'digital payslips, salary '
'transfer details, Social '
'Security numbers, sick leave '
'documents, CVs, diplomas, cover '
'letters, employee listings, '
'internal directories, and '
'assignment tables',
'downtime': None,
'financial_loss': None,
'identity_theft_risk': 'High',
'legal_liabilities': None,
'operational_impact': None,
'payment_information_risk': 'High',
'revenue_loss': None,
'systems_affected': None},
'initial_access_broker': {'backdoors_established': None,
'data_sold_on_dark_web': None,
'entry_point': None,
'high_value_targets': None,
'reconnaissance_period': None},
'post_incident_analysis': {'corrective_actions': None,
'root_causes': None},
'ransomware': {'data_encryption': None,
'data_exfiltration': None,
'ransom_demanded': None,
'ransom_paid': None,
'ransomware_strain': None},
'references': [{'date_accessed': None,
'source': 'Cybernews',
'url': None}],
'regulatory_compliance': {'fines_imposed': None,
'legal_actions': None,
'regulations_violated': None,
'regulatory_notifications': None},
'response': {'adaptive_behavioral_waf': None,
'communication_strategy': None,
'containment_measures': None,
'enhanced_monitoring': None,
'incident_response_plan_activated': None,
'law_enforcement_notified': None,
'network_segmentation': None,
'on_demand_scrubbing_services': None,
'recovery_measures': None,
'remediation_measures': None,
'third_party_assistance': None},
'title': 'Sorbonne Université Employee Data Compromise',
'type': 'Data Breach'}}