Following the cyberattack of which Chronopost was the victim at the end of January, a pirate put on sale the data of 7.3 million customers on the Dark Web. Very sensitive information, with postal contact details and signatures …
Bad news for victims of Chronopost hacking! Remember, on January 29, the parcel delivery company was the target of a large-scale cyber attack that had exhibited personal data of some 210,000 customers. This new incident was particularly worrying due to the specific nature of stolen information – names, first names, postal addresses, telephone numbers but also, in some cases, the signatures affixed during deliveries. Chronopost had reacted very quickly, declaring the closed incident after rapid intervention.
Almost a month later, a cybercriminal put on sale who would be the data from Chronopost customers on a famous hacking forum. And the damage could be much more substantial than expected. In his announcement, he indicates that “This database contains information on more than 7.3 million users, including individual customers and businesses”and that she was extracted on January 28. Information that therefore goes against what the delivery company had declared …
Afterwards, it is possible that the pirate is decided to combine several directories to enrich the database in his possession. The researcher Clément Domingo looked at the sample of 500 lines attached to the announcement and managed to get another, more substantial. It turns out that, “For some people, we find the floor number, the apartment number and the door code to access the building.” This is very worrying, and not only from a digital point of view …
Cyberalert, France | Cyberattaque Chronopost: 7.3m of data sold on the “Amazon of Cybercrime”
A few days ago, we learned from an email sent to the various users of Chronopost a cyber attack that occurred a few weeks earlier.
– saxx _ () _/ (@_saxx_) FEBRUARY 26, 2025
Piracy Chronopost: More stolen than expected data?
As a reminder, the company had officially warned its customers in an email sent shortly after the incident. “”Chronopost announces that you were the victim on 01/29/2025 of an incident that led to a flight of part of your personal data. This incident, which is not linked to a ransom, has been mastered as soon as it is aware and is now enclosed. The National Commission for Data Protection (CNIL) has been notified within the time limits. Chronopost immediately opened and conducted an investigation with the help of cybersecurity experts. This survey confirmed that the data concerned is: your name, first name and in some cases your telephone number, postal address and signature as appropriate on our delivery evidence. In order to ensure that this type of incident cannot reproduce, we have strengthened our systems, in particular by improving the security of the impacted application and our response to suspicious events “explained the message.
But if Chronopost announced that it had strengthened the safety of its systems to avoid future incidents, the risk for users currently affected is very real. Indeed, stolen information, and in particular signatures, can be used by cybercriminals to set up developed scams. Their compromise represents a significant risk, as they can be used to falsify documents, authorize transactions or validate contracts. Unlike other stolen information, a digital signature can serve as proof of consent in legal or financial contexts, making this flight particularly serious.
Piracy Chronopost: unpublished risks for customers
Cybersecurity experts warn that one could attend an upsurge in attempts at phishing (phishing), particularly targeted. These scams would consist in pretending to be Chronopost or another entity by sending fraudulent messages requesting a payment to finalize the delivery of a package or pay customs fees. The use of authentic signatures would make these scams more credible in the eyes of the victims.
Chronopost also advised its customers to remain extremely vigilant in the face of any suspicious solicitation by e-mail or SMS. The company recommends not clicking on unaccounts and always check the requests directly on its official website. In his message, Chronopost apologized for the inconvenience caused, while recalling that she was available to respond to the concerns of her customers.
Caution is therefore in order for the consumers concerned. In addition to vigilance in the face of phishing attempts, it is recommended to closely monitor bank accounts and report any suspicious activity to your bank. Activation of two -factor authentication on online accounts and regular verification of personal information is essential measures to limit the risk of identity theft.