What Happened
In January 2021, the French travel company Bourse des Vols (bourse-des-vols.com or bdv.fr) suffered a data breach around January 11-12, when hackers compromised its database, which was subsequently leaked on dark web forums starting January 16, exposing approximately 1.46 million records—including 1.46 million unique email addresses—across over 1,200 SQL files totaling more than 9GB uncompressed. The stolen data encompassed highly sensitive personal and travel information such as full names, phone numbers, home addresses, dates of birth, IP addresses, flight itineraries (dates, times, routes, and airlines), and purchase records, posing risks for identity theft, tracking, geolocation, and fraud, though full credit card details were not confirmed exposed.
