Cegid, a major European leader in cloud-based business management solutions, is at the center of a significant data breach allegation. Founded in 1983 and headquartered in Lyon, France, Cegid has grown into a global powerhouse, providing critical software for finance, ERP, human resources, and payroll to over 750,000 clients in 130 countries. The company, a vital technology partner for businesses of all sizes, reported revenues of nearly €1 billion in 2024. Given its role in handling sensitive financial and employee data, the claims of a breach are particularly alarming.
The news broke on a dark web forum today, July 30, 2025, where a threat actor announced the sale of a database allegedly exfiltrated from Cegid’s systems. The seller claims the database contains 74,000 customer records, with a focus on clients in France, Belgium, and Spain. The exposure of such information could lead to sophisticated phishing campaigns, identity theft, and financial fraud against the affected companies and individuals.
According to the forum post, the compromised data is extensive and highly sensitive. The threat actor listed the following data types as being part of the leak:
- Customer ID
- Customer Reference
- Company Name
- Contact Person’s First and Last Name
- Last Connection Date
- Phone Number
- Email Address
- RIB (Bank Account Identity Details)
- Bank Invoice
