Data Breach Hits Paris Adult Education Platform

Security Breach Confirmed

The City of Paris revealed on Monday that its Cours d’adultes de Paris (CAP) platform suffered a targeted cyberattack. This digital portal manages enrollment for thousands of residents seeking continuing education and vocational training. Unauthorized actors successfully accessed and extracted a database file containing sensitive user information.

Extent of Compromised Data

The stolen dataset includes a range of personal identifiers that could be used for identity theft or phishing campaigns. City officials confirmed that the following information was accessed:

• Full names and dates of birth
• Physical addresses and email contacts
• Phone numbers and professional status
• Login identifiers for the CAP portal

Financial details and passwords remain secure according to the initial technical audit. The platform does not store banking information directly, which limited the scope of the theft. However, the exposed contact details provide sufficient material for sophisticated social engineering attacks against the affected students.

Response and Legal Actions

Municipal IT teams took the platform offline immediately after detecting the intrusion to patch vulnerabilities. The city has notified the Commission Nationale de l'Informatique et des Libertés (CNIL), France's data protection authority. A formal criminal complaint was also filed with law enforcement to track the origin of the breach.

Affected users received email notifications advising them to monitor their accounts for suspicious activity. Security experts recommend that individuals registered on the platform change their credentials on any other services where they may have reused the same username or email patterns. The city is currently conducting a deep forensic analysis to determine the exact method of entry used by the hackers.

Investigators are now monitoring dark web forums to see if the database is offered for sale or leaked publicly.