France Tourism Sites Hit by Major Cyberattacks

France Tourism Sites Hit by Major Cyberattacks

French Tourism Sites Hit by Major Cyberattacks

France’s tourism sector has been shaken by a coordinated cyberattack that unfolded over just 72 hours, exposing sensitive customer data and highlighting serious vulnerabilities in the country’s digital infrastructure. Three major holiday booking platforms—used by millions of residents and international visitors—were breached in quick succession, with a single hacker claiming responsibility.

The incident is not just another data breach story. It’s a warning sign for businesses and consumers alike, particularly in a country where tourism plays a central role in the economy. If you live in France, travel frequently, or use online booking platforms, this story has real implications for your personal data security.

A Weekend of Coordinated Cyberattacks

The attacks began quietly but escalated rapidly.

Pierre & Vacances Hit First

On the 14th May, Pierre & Vacances-Center Parcs detected suspicious activity affecting one of its booking platforms, “La France du Nord au Sud,” part of its Maeva network. Within 24 hours, the company confirmed a breach.

What makes this attack particularly concerning is the scale and depth of the data involved:

  • Over 1.6 million booking records confirmed compromised

  • Hacker claims access to more than 4.5 million customer profiles

  • Data spanning nearly two decades

The exposed information reportedly includes:

  • Names and contact details

  • Dates of birth

  • Booking histories and travel details

Although no payment data was reported stolen, this type of personal information is highly valuable for identity theft and phishing campaigns.

Belambra Targeted Next

Just one day later, on the 16th May, Belambra—another major player in France’s holiday accommodation market—confirmed it had also been breached.

This second attack followed a similar pattern but raised additional concerns:

  • Around 400,000 individuals affected

  • Data included recent bookings from the past six months

  • Information on minors included in reservations

The inclusion of children’s data adds a more sensitive dimension, potentially increasing regulatory scrutiny and public concern.

Gîtes de France Completes the Trio

By the 17th May, Gîtes de France became the third confirmed victim. Known for its network of rural holiday rentals, the organisation reported “fraudulent access” to booking data.

Key details include:

  • Approximately 389,000 customers impacted

  • Data records dating as far back as 1995

  • Breach linked to a third-party IT provider

This third incident reinforced a troubling pattern: attackers were not just exploiting one weak point, but systematically targeting the tourism ecosystem.

One Hacker, One Message

All three attacks have been attributed to a hacker using the alias “ChimeraZ,” who surfaced on an English-speaking cybercrime forum earlier this year.

According to cybersecurity researchers who interacted with the attacker, the motive wasn’t purely financial. Instead, ChimeraZ reportedly stated the goal was to:

  • Expose weaknesses in French cybersecurity systems

  • Gain visibility within hacking communities

  • Demonstrate how vulnerable major organisations are

In blunt terms, the hacker allegedly described France as “a sieve” when it comes to cybersecurity.

How the Attacks Worked

The methods used suggest a mix of automation and exploitation of weak system design.

One notable technique involved:

  • Manipulating booking reference numbers

  • Systematically retrieving customer records

  • Extracting large datasets (reportedly up to 900MB in one case)

In the Gîtes de France breach, the vulnerability came through a third-party provider, Itea—highlighting a growing risk area in cybersecurity: supply chain attacks.

Even if your own systems are secure, your partners may not be.

A Growing Cybersecurity Crisis in France

These attacks are not isolated incidents. They are part of a broader surge in cybercrime affecting French institutions and businesses.

Recent figures paint a worrying picture:

  • 485 data breaches reported in the past 12 months

  • 11.7 million records lost in an April breach involving ANTS (government agency)

  • Increasing targeting of service-based industries like tourism

Tourism platforms are particularly attractive targets because they store:

  • Large volumes of personal data

  • Travel patterns and habits

  • Contact details of international users

This makes them ideal for phishing, scams, and identity fraud.

Why This Matters for Expats and Tourists

If you’re an English speaker living in France—or regularly travelling within the country—there’s a good chance you’ve used one of these platforms or similar services.

Even if your data wasn’t part of this specific breach, the risks are broader.

Potential Risks to Users

  • Phishing emails pretending to be travel confirmations

  • Fake refund or cancellation scams

  • Identity theft using personal details

  • Targeted scams based on travel history

For example, if a hacker knows you booked a holiday in Brittany last summer, they could craft a convincing email about a “refund issue” or “booking update.”

What Companies Are Doing Now

All three affected companies have taken initial steps to respond:

  • Filing official complaints with French authorities

  • Notifying the CNIL (France’s data protection regulator)

  • Beginning customer notification processes

However, regulatory compliance doesn’t necessarily mean the risk is over. Once data is exposed, it can circulate on dark web marketplaces for years.

How to Protect Yourself After a Data Breach

Even if you’re unsure whether you’ve been affected, it’s worth taking precautions.

Immediate Steps

  • Change passwords on any travel or booking accounts

  • Use unique passwords for each platform

  • Enable two-factor authentication where available

Stay Alert for Scams

  • Be cautious of unexpected emails about bookings or refunds

  • Check sender email addresses carefully

  • Avoid clicking links in unsolicited messages

Monitor Your Data

  • Watch for unusual account activity

  • Consider using identity monitoring services

  • Report suspicious emails or messages

The Bigger Picture: A Wake-Up Call for Digital France

This group of attacks highlights a structural issue rather than a one-off failure. France, like many countries, is undergoing rapid digital transformation—but security practices are struggling to keep pace.

Key weaknesses exposed include:

  • Legacy systems storing decades of data

  • Over-reliance on third-party providers

  • Weekness in API and booking system protections

  • Limited proactive threat detection

For businesses, this is a clear signal: cybersecurity is no longer optional or secondary. It’s a core part of customer trust.

For users, it’s a reminder that convenience always comes with risk.

Enjoyed this? Get the week’s top France stories

One email every Sunday. Unsubscribe anytime.

Jason Plant

Related Posts

Leave a Reply

Your email address will not be published. Required fields are marked *