Cybercriminals Target ENI France in New Data Leak Scandal

ENI France Data Breach Sparks Fresh Cybersecurity Concerns as Alleged Customer Database Appears on Dark Web Forums

• ENI France Data Leak Sparks Fresh Cybersecurity Fears Across Europe
• Hackers Allegedly Dump ENI France Customer Database on Dark Web
• Energy Giant ENI Faces Security Questions After France Data Breach Claims
• Thousands of Business Records Exposed in Alleged ENI France Cyberattack
• Energy Sector on Alert After ENI France Database Appears Online
• Alleged ENI France Breach Raises Alarm Over Business Data Exposure

A potential data breach involving ENI France is raising fresh alarms in the cybersecurity community after threat actors allegedly put a large customer database up for sale on an underground cybercrime forum.

According to cybersecurity researchers, the leaked dataset is claimed to contain tens of thousands of records linked to ENI France, the French subsidiary of Italian energy giant ENI. The data is reportedly being circulated by actors claiming ties to the Lapsus$ cybercrime ecosystem, a group associated with several high-profile global breaches.

What the Alleged Leak Contains

Early analysis suggests the exposed dataset may include business-related account information rather than traditional consumer energy billing records. The compromised data reportedly features company names, email addresses, login activity timestamps, customer reference numbers, and account status details tied to organizations operating in France.

The affected entities appear to span multiple sectors, including government agencies, universities, hospitality businesses, and private companies—raising concerns about potential downstream phishing and targeted social engineering attacks.

While the dataset is advertised as containing around 89,000 records, researchers believe the actual number may be inflated due to duplicate entries or overlapping data fields.

Limited Sensitive Data — But High Phishing Risk

At first glance, the leaked sample does not appear to include payment card details or highly sensitive personal identifiers. However, cybersecurity experts warn that even “non-critical” business data can be highly dangerous in the wrong hands.

Attackers could use the exposed email addresses, account references, and organizational details to launch convincing phishing campaigns, impersonation attacks, or supply-chain targeting against affected institutions.

ENI France and Wider Energy Sector Under Scrutiny

The incident adds to growing pressure on energy companies and critical infrastructure providers, which are increasingly being targeted by cybercriminal groups seeking either financial gain or geopolitical leverage.

ENI, which operates in more than 60 countries, has not confirmed the full scope of the alleged breach at the French subsidiary level, and investigations are expected to determine whether the data originates from a direct system compromise or third-party exposure.

A Pattern of Rising Cyber Attacks in 2026

The ENI France case comes amid a broader surge in ransomware, data leaks, and extortion-based cyberattacks targeting European organizations in 2026. Cybersecurity analysts say attackers are increasingly focusing on business-to-business datasets that can be monetized through resale or used for long-term fraud campaigns.

What Happens Next

As investigators work to verify the authenticity of the leaked data, affected organizations are being advised to monitor accounts for suspicious activity and tighten authentication controls. Security experts also recommend proactive employee awareness training to reduce the risk of phishing attacks stemming from the exposed data.

For now, the ENI France situation remains an unfolding cyber incident but one that highlights how even “partial” data leaks can quickly escalate into serious security threats across multiple sectors.