alt=A glowing warning triangle overlaid on abstract digital code and blue circuitry, suggesting a cybersecurity alert or caution.
Cyber security
2026-01-16 1 comment

Massive breach leaks 45 million French records

Story by Sead Fadilpaši?
  • Cybernews found exposed database with tens of millions of French citizen records
  • Data combined from at least five breaches: voter, healthcare, financial, CRM, and vehicle info
  • Likely built by criminal data broker; poses major risks of phishing, fraud, and identity theft

Someone – most likely a cybercriminal – has combined data stolen in at least five breaches into a single, large database, and then exposed it on a cloud server, experts have warned.

<cs-card “=”” class=”card-outer card-full-size ” card-fill-color=”#565656″ card-secondary-color=”#272727″ gradient-angle=”112.05deg” id=”native_ad_inarticle-1-792d884c-d18e-414e-86ba-81e7e871f865″ size=”_2x_1y” part=””>

Top 5 Best VPNs in 2026 – Updated 5 Minutes Ago – #1 Trusted VPN

privacyguide.com

Sponsored
call to action icon

The database was recently discovered by security researchers at Cybernews, who notified the server’s owners and helped take the archive down.

Cybernews said it found a database on “millions” of French citizens exposed on the open web for an unknown period of time. After analyzing the contents of the database, the researcher determined the archive is most likely an amalgamation of at least five breaches.

Severe privacy risks

In total, there were “tens of millions” of records, Cybernews concluded, splitting the discovered information like so:

  • More than 23 million entries appearing to be voter or demographic registry data, containing full names, addresses, and birthdates
  • Roughly 9.2 million healthcare data, in the format of France’s official RPPS/ADELI registries
  • More than 6 million contact records from a CRM
  • Approximately 6 million financial profiles with IBANs and BICs, tied to French banks
  • Vehicle registration and insurance information

“Unlike traditional leaks caused by corporate misconfigurations, this exposure appears to be the work of a data broker or criminal collector. Such actors often merge stolen datasets from multiple breaches into unified databases to increase resale value and enable identity cross-linking,” the team explained.

<cs-card “=”” class=”card-outer card-full-size ” card-fill-color=”#565656″ card-secondary-color=”#272727″ gradient-angle=”112.05deg” id=”native_ad_inarticle-2-87a25823-a2db-40f2-a34c-3481f248dc32″ size=”_2x_1y” part=””>

Stream Safely, Enjoy More

opera.com

Sponsored
call to action icon

“The mix of datasets paints a troubling picture: different sectors, one repository – and no protection. The incident poses a severe privacy risk for millions of French citizens.”

Cybernews was unable to identify who the real owner of the database is, but they traced it to a server in France and helped lock it down.

This type of databases is extremely valuable to cybercriminals, as they enable different attack techniques, including phishing, identity theft, wire fraud, and more.

Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button!

And of course, you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.

read more
alt=A computer displaying the CreditINFO logo stands in water, surrounded by cascading green binary code.
Cyber security
2025-09-18 Post a Comment

Data breach of epic proportions in Vietnam

by Nguyen Ngoc Nhu Quynh

Hackers steal 160 million records from state-run credit center, exposing Communist Party’s digital vulnerability and illiteracy

This month, over 160 million credit records held at Vietnam’s National Credit Information Center (CIC), a unit managed by the State Bank of Vietnam, were stolen and posted for sale online for US$175,000.

The massive breach, allegedly carried out by the hacker group ShinyHunters, exposed the personal data of virtually every Vietnamese citizen above the age of 18.

Yet, beyond the cybercrime headlines, the scandal raises a deeper, more troubling question: What happens when a government simultaneously loses control of citizens’ data, while also proposing to sell it?

Vietnam’s Ministry of Public Security (MPS) has recently introduced a draft law proposing the establishment of a national data exchange platform.

Framed as a way to unlock the value of data for economic development, the platform would allow for the trading of both personal and non-personal data, under certain conditions. While the ministry promises that individual consent will be required, the mechanism for ensuring such consent remains vague.

At the same time, Vietnamese citizens affected by the CIC leak were not notified: not by the CIC, not by relevant banks and not by any state institution.

As of September 13, some individuals whose names appeared in sample files being circulated on the dark web said they had received no warnings, no protection and no explanation.

The leaked dataset, according to security experts, included:

  • Full personal identification (ID numbers, passports, driving licenses)
  • Biometric data and medical records
  • Tax codes, income and debt information
  • Credit card and banking records
  • Employment, education and residence history
  • Government, police and military personnel profiles

This isn’t just a privacy issue; it’s a national security breach. When foreign intelligence services can buy profiles of Vietnamese government officials and military members for less than the cost of a luxury car, no law or slogan can compensate for the damage done.

In a tone-deaf public notice, police authorities urged citizens to remain vigilant and “protect themselves” against identity theft and cybercrime, placing the burden back on the victims.

The irony is stark: the state collects data without consent, fails to protect it and then blames the people for not being digitally literate enough to defend themselves.

This contradiction is particularly jarring in the context of the government’s recent push for a “digital literacy campaign.” On September 13, General Secretary To Lam praised the launch of “Digital Mass Literacy – Digital Parliament” as part of Vietnam’s national modernization.

At the same time, he admitted that most citizens and even government officials lack fundamental knowledge about data protection or digital transformation.

Selling insecure data

The Ministry of Public Security’s draft legislation envisions a future where data is commodified, yet claims to prioritize national security and individual privacy. But the CIC breach reveals a harsh truth: Vietnam does not yet have the technical or institutional capacity to manage that dual mandate.

General Vu Van Tan, head of the Cybersecurity Department, recently stated that data should not sit idly in databases but rather should be “shared and monetized to generate value for society.”

But when the value of data outweighs the commitment to protect it, citizens are no longer stakeholders – they are vulnerable bystanders.

To restore trust, Vietnam needs more than draft laws and slogans. It needs:

  • A public apology and immediate notification to all affected individuals
  • Independent oversight of any future data exchanges
  • Strict liability for state and corporate entities involved in data mishandling
  • Investment in real cybersecurity infrastructure, not just propaganda
  • Clear legal pathways for compensation to citizens harmed by data breaches

Most importantly, the Vietnamese government must recognize that data rights are human rights. Without accountability, security and consent, the promise of a “digital society” becomes instead a digital trap.

read more
Trustpilot
The rating of livingsafeonline.com at Trustprofile Reviews is 9.1/10 based on 13 reviews.
Verified by MonsterInsights