Impact & Downstream Threats
This breach carries moderate risk due to the nature of exposed data fields and the scale of affected records.
- SIM swap attacks where phone numbers are present
- Targeted phishing campaigns using exposed email addresses
- Doxxing risk from physical address exposure
Breach Intelligence
Executive Summary
In early October 2025, , ENGIE, -the multinational energy company-appeared on the leak site of a group calling itself , Scattered LAPSUS$ Hunters, . The group alleges it exfiltrated data from ENGIE’s , Salesforce, environment as part of a broader 2025 campaign targeting Salesforce-connected organizations. Salesforce maintains its platform was , not, breached and says the attackers are exploiting victim organizations-primarily via social-engineering and voice-phishing-rather than a Salesforce vulnerability.,
, On October 3, 2025, Scattered LAPSUS$ Hunters launched their leak site and posted , teaser samples, for numerous brands, including a limited preview attributed to ENGIE. However, the full, unredacted data set was subsequently leaked on October 10'th.,
,
, Breach Unveiled,
About Engie
Global energy and services company focused on utilities and infrastructure.
Data Points Exposed
Dark Web Verification
Status: Confirmed
- Dataset containing approximately 537K records identified in breach intelligence sources.
- The data is indexed and searchable across breach notification platforms.
Recommended Actions
⚠️ Do not assume this is low sensitivity.
Non-clients may request a breach impact review.
Frequently Asked Questions
In October 2025, Engie experienced a data breach that exposed approximately 537K records containing personal information.
The exposed data includes fields such as email address, full name, phone number, physical address:home.
Approximately 537K records were affected based on current breach intelligence.
Protect Yourself
Check If You’re Affected
Enter your email to check if your data appears in this breach.
Get Free Breach Alerts
Be the first to know when new breaches are disclosed.
High-Risk? Get an Exposure Audit
Full-spectrum exposure audits for executives and public figures.
ObscureIQ Advisory
We combine proprietary dark web access with commercial and restricted breach intelligence to verify exposure and assess real-world risk.
- A public-facing individual
- A high-profile executive
- A customer of Engie
- Or concerned about credential reuse
Powered by the ObscureIQ Breach Intelligence Database
© 2026 ObscureIQ · All Rights Reserved · Data Licensing
Latest from ObscureIQ
What Is Credit Monitoring? And Do I Want It? (Answer: Not Really)
Lock Down Browsers. Wipe Employee Footprints. Win Breach Wars.
Sextortion Spam