Paris, March 5 – The City of Paris has confirmed that its adult education platform, “Les Cours d’Adultes de Paris” (SCAP), was subjected to a cyberattack on March 2nd. The incident led to an unauthorized disclosure of a data file, potentially exposing personal information of individuals registered for courses between 2019 and 2025. The full extent of the breach is still under investigation, but the city has warned users about potential phishing risks.
Details of the Cyberattack and Data Exposure
The cyberattack, first reported by Le Parisien, affected the platform that provides over 640 training courses for adults over 18. In an email sent to users on Monday evening, the City of Paris stated that a file originating from the platform, dating prior to May 2025, was disseminated without authorization. While the exact number of affected users has not been disclosed, all individuals registered within the specified timeframe are potentially impacted.
The exposed data includes names, first names, addresses, and telephone numbers. Crucially, the City of Paris has assured users that “no banking data or passwords are included in the disseminated file.” This information aims to alleviate concerns regarding direct financial fraud, though the risk of other malicious activities remains.
Precautionary Measures and Phishing Alert
Despite having “no evidence of fraudulent use of the data concerned” at this stage, the City of Paris is urging all users to exercise extreme vigilance against phishing attempts. Phishing is a common fraudulent technique where cybercriminals impersonate trusted entities through emails or SMS messages to trick individuals into revealing personal or financial information.
Users are advised not to respond to any suspicious messages or emails requesting personal details and to refrain from clicking on any links embedded within such communications. For any questions or concerns, affected individuals can contact the City of Paris information line at 3975.
Ongoing Investigation and Previous Incidents
The technical services of the City of Paris are actively investigating the origin of the incident and are working to enhance existing security measures. In compliance with legal requirements, the National Commission for Information Technology and Liberties (Cnil) has been informed of the breach.
This cyberattack on the adult education platform follows another recent security incident involving the City of Paris. Just a few weeks prior, the “Choisir le service public” platform, dedicated to public sector job offers, also suffered a cyberattack that resulted in a data leak. These recurring incidents highlight a growing concern for data security within the city’s digital infrastructure.
BFM Tech reached out to the City of Paris for further comments but has not yet received a response. The repeated nature of these attacks underscores the increasing challenges faced by public institutions in safeguarding sensitive user data in the evolving landscape of cyber threats.
