- Cybernews discovered a database containing millions of French citizen records
- Data compiled from at least five breaches: voter, healthcare, financial, CRM, and vehicle information
- Likely created by a criminal data broker; poses serious risks of phishing, fraud, and identity theft
Security experts have reported that a cybercriminal has merged data stolen from at least five breaches into a single, large database, which was then exposed on a cloud server.
This database was recently uncovered by researchers at Cybernews, who alerted the server’s owners and assisted in taking the archive offline.
According to Cybernews, the database contained records of “millions” of French citizens that had been publicly accessible for an unknown duration. After analyzing the database, researchers concluded that it is likely a combination of at least five separate breaches.
Severe Privacy Risks
Cybernews estimated that the database holds “tens of millions” of records, categorized as follows:
- Over 23 million entries related to voter or demographic registry data, including full names, addresses, and birthdates
- Approximately 9.2 million healthcare records, formatted according to France’s official RPPS/ADELI registries
- More than 6 million contact records from a CRM
- About 6 million financial profiles containing IBANs and BICs linked to French banks
- Vehicle registration and insurance details
“Unlike traditional leaks caused by corporate misconfigurations, this exposure seems to be the work of a data broker or criminal collector. Such individuals often consolidate stolen datasets from multiple breaches into unified databases to enhance resale value and facilitate identity cross-linking,” the team explained.
“The combination of datasets presents a concerning scenario: various sectors, one repository – and no safeguards. This incident poses a significant privacy threat to millions of French citizens.”
Cybernews could not determine the true owner of the database but traced it to a server in France and assisted in securing it.
These types of databases are extremely valuable to cybercriminals, enabling various attack methods, including phishing, identity theft, wire fraud, and more.