French national bank accounts database (FICOBA) / Ministry of Economy and Finance
January 18, 2026
•[ data leak, stolen credentials, unauthorized access ]
Frances Ministry of Economy and Finance stated that part of the national database listing bank accounts in France was illegally accessed, exposing information linked to about 1.2 million accounts. The ministry said that starting in late January 2026, a malicious actor used stolen credentials belonging to an official to access part of the database. The exposed data includes bank details (RIB/IBAN), identity and address of the account holder, and in some cases a tax identification number. Authorities said they restricted access, stopped the intrusion, and notified banks to warn customers to be vigilant.
Racami LLC
April 5, 2025
•[ data leak, stolen credentials, infostealer ]
On April 5 2025, Hellcat listed Racami on its leak site, stating it had accessed and exfiltrated internal Jira project data using stolen credentials gathered through an infostealer campaign. No encryption or operational disruption was reported.
Digital Realty
March 1, 2025
•[ state-sponsored attack, espionage, vulnerability exploit ]
The Ministry of State Security (MSS)linked group Salt Typhoon infiltrated Digital Realty and other data-center operators in early 2025 by exploiting vulnerabilities in network-appliance infrastructure and stolen credentials. Microsoft attributed the campaign to PRC state-sponsored espionage targeting Western critical-infrastructure providers.
