Skip to content

French IT School ESGI Breached, Over 26,000 Student Enrollment Records Leaked

Breach Report France flagFrance Education

French IT School ESGI Breached, Over 26,000 Student Enrollment Records Leaked

A threat actor using the alias 84City has posted an SQL dump they attribute to ESGI (École Supérieure de Génie Informatique), a private French higher-education school specializing in IT and digital technology, based in Paris with campuses across France. The dump is dated July 8, 2026 and listed as 26,451 rows from a users table (the post also cites roughly 12,000 records). Per the description and sample, each record contains student enrollment data: full name, email, mobile phone, home address, city and postal code, nationality, class and program, enrollment status and dates, a Geschool ID, and a school Active Directory login. The claim is unverified.

Data26,451 rows
AccessPoints-gated
CountryFrance flagFrance
Actor84City

Post details

TargetESGI (esgi.fr)
CountryFrance flagFrance
SectorEducation
ClaimSQL dump, 26,451 rows (users)
DataNames, contact, addresses, AD logins
Dump date
Observed
Actor84City

!Allegedly included

  • 26,451 rows (users table)
  • Student full names
  • Emails & mobile phones
  • Home addresses & postal codes
  • Nationality
  • Class & program details
  • Enrollment status & dates
  • School AD login & Geschool ID

Screenshot

Potential impact

The exposed records tie students' names to their email addresses, mobile phone numbers, and home addresses, which enables targeted phishing, identity fraud, and physical-privacy risks. The inclusion of school Active Directory logins is notable, as those institutional usernames could support social-engineering or account-access attempts against the school's systems. No national ID, financial, or password data is described. No sample records, identifiers, or contact details are reproduced here. The claim is unverified.

iStatus

Unverified

This is a data-leak post; the download is gated behind forum points. The claim is unverified and ESGI has not publicly addressed it.

Want everything on this breach, including the unblurred screenshots? Paid subscribers get the full claim details, breach URL, and more. Check out the threat feed, then after subscribing, search there for this alert. View pricing →

DARK WEB INFORMER - THREAT INTELLIGENCE

Latest