Leroy Merlin Breach Alert: French Customers Notified After Cyberattack Exposes Personal Data

French retailer Leroy Merlin reports leak of contact and loyalty information but says no financial data was compromised.

Scope of the incident

French home-improvement chain Leroy Merlin is telling customers in France that a recent cyberattack resulted in the exposure of several categories of personal information. The company, which operates stores across Europe, South Africa and Brazil, confirmed that the breach was contained to its French customer base.

According to customer notifications circulating online, the compromised data includes names, contact details, postal addresses, birth dates, and information linked to the retailer’s loyalty program. The leaked details, while sensitive, do not extend to banking information or account passwords, which Leroy Merlin says remained secure.

Company response and containment

Leroy Merlin said that its security teams moved quickly to shut down the unauthorized access once the intrusion was detected. The retailer says it has taken measures to prevent further data exposure and continues to monitor its systems for signs of misuse.

In its customer notice, the company said it has no evidence that the data has been linked to fraudulent activity. However, it encourages affected individuals to watch for unusual communications or account behavior, particularly messages that might attempt to impersonate the brand.

Guidance for affected customers

The retailer is offering advice on how to recognize phishing attempts, including unexpected requests for codes, discounts or personal details. Customers are urged to contact the company directly if they encounter suspicious emails or face difficulties using loyalty program benefits, which could indicate unauthorized manipulation of their accounts.

Leroy Merlin is also asking customers to report any anomalies promptly so that its support teams can investigate and mitigate potential risks.

Ongoing investigation

Independent verification has confirmed the authenticity of the notices to customers, though the company has not disclosed how many individuals were impacted. Requests for additional details about the breach and its origins have yet to get a response.

No cybercriminal group has yet claimed responsibility for the attack, and no public evidence suggests the data has been leaked or held for ransom.

Protect yourself after a breach

Want to stay steps ahead of scammers and safeguard your personal data? Use Bitdefender Scamio to instantly analyze suspicious messages, images, or links, and enroll in Bitdefender Digital Identity Protection for 24/7 monitoring and alerts if your information appears in a breach. These tools can help you stay vigilant and take quick action when it matters most.