CyberHappenings logo
Home Browse About

Track cybersecurity events as they unfold. Sourced timelines. Filter, sort, and browse. Fast, privacy‑respecting. No invasive ads, no tracking.

French Football Federation Data Breach Exposes Amateur Player Information

First reported
Last updated
2 unique sources, 2 articles

Summary

Hide ▲

The French Football Federation (FFF) suffered a data breach on November 20, 2025, exposing personal details of millions of amateur football players. The breach involved unauthorized access to a software platform used by licensed football clubs for administrative tasks. The exposed data includes names, genders, dates of birth, birth locations, nationalities, postal addresses, email addresses, phone numbers, and football license ID numbers. The FFF took immediate steps to secure the platform by deactivating the compromised account and resetting all user account passwords. The federation also notified relevant authorities and warned players to be vigilant against phishing scams. This incident follows a similar breach at the French Shooting Federation three weeks prior.

Timeline

  1. 28.11.2025 12:06 2 articles · 1d ago

    French Football Federation Data Breach Exposes Player Information

    On November 20, 2025, the French Football Federation (FFF) suffered a data breach that exposed personal details of millions of amateur football players. The breach involved unauthorized access to a software platform used by licensed football clubs for administrative tasks. The FFF took immediate steps to secure the platform by deactivating the compromised account and resetting all user account passwords. The federation also notified relevant authorities and warned players to be vigilant against phishing scams.

    Show sources
    Open in new tab

Information Snippets

Similar Happenings

Pajemploi Data Breach Exposes 1.2M Individuals' Personal Information

Pajemploi, a French social security service for parents and home-based childcare providers, reported a data breach on November 14, 2025, potentially exposing personal information of 1.2 million individuals. The breach affected registered professional caregivers working for private employers. The stolen data includes full names, places of birth, postal addresses, social security numbers, banking institution names, Pajemploi numbers, and accreditation numbers. The agency assured that bank account numbers, email addresses, phone numbers, and account passwords were not compromised. Pajemploi took immediate action to stop the attack and notified the French Data Protection Authority (CNIL) and the National Agency for the Security of Information Systems (ANSSI). Each affected individual will be notified, and URSSAF advises caution due to the elevated risk of fraudulent communications using the stolen information.

Open in new tab

Nikkei Slack Platform Breach Exposes 17,000 People's Data

Japanese media corporation Nikkei disclosed a data breach affecting 17,368 individuals. Attackers accessed employee Slack accounts using credentials stolen after malware infected an employee's computer. The breach was discovered in September 2025, and the compromised information includes names, email addresses, chat histories, and potentially sensitive data such as trade secrets. Nikkei voluntarily reported the incident to Japan's Personal Information Protection Commission, despite not being legally required to do so. The breach did not impact confidential sources or journalistic data. This incident marks the latest in a series of cyberattacks against Nikkei, including a $29 million loss in a 2019 business email compromise (BEC) attack.

Open in new tab

Renault and Dacia UK Customers Affected by Third-Party Data Breach

Renault and Dacia UK customers have been notified of a data breach affecting personal information shared with a third-party provider. The breach exposed full names, gender, phone numbers, email addresses, postal addresses, vehicle identification numbers, and vehicle registration numbers. The third-party provider has isolated the incident and removed the threat from its networks. The affected customers are advised to be vigilant against potential phishing and social engineering attacks. The number of impacted customers and the identity of the third-party provider have not been disclosed. The breach follows a significant cyberattack at Jaguar Land Rover in the UK, which disrupted operations for nearly a month, and is part of a string of breaches in the transport sector, impacting JLR, Collins Aerospace, and LNER.

Open in new tab

Boyd Gaming Corporation data breach after cyberattack

Boyd Gaming Corporation, a US gaming and casino operator, disclosed a data breach after threat actors gained access to its systems. The breach resulted in the theft of employee information and data belonging to a limited number of other individuals. The company has engaged external cybersecurity experts and notified law enforcement. The incident has not affected operations, and the company expects its cybersecurity insurance to cover associated costs. Boyd Gaming operates 28 gaming properties across ten states and employs over 16,000 people. The breach was disclosed in a FORM 8-K filing with the SEC. No threat actors have claimed responsibility for the attack.

Open in new tab

Sensitive Data Exposed in Auchan Retailer Cyberattack

A cyberattack on Auchan, a French multinational retail group, exposed sensitive data associated with the loyalty accounts of several hundred thousand customers. The breach, which occurred in November 2024, included full names, titles, postal addresses, email addresses, phone numbers, and loyalty card numbers. The incident did not affect bank data, passwords, or PIN numbers. The company has notified the French Data Protection Authority (CNIL) and is advising customers to be vigilant against potential phishing attacks. The breach occurred amidst a series of similar incidents affecting large French entities, though no direct links have been established. This is the second data breach Auchan has disclosed over the past year.

Open in new tab