Back

meteofrance.com Domain Breach Exposure Report

Risk Score

High Risk

Massive event volume or critical assets compromised.

AI Findings Summary

Critical

The domain meteofrance.com has experienced a significant number of data breaches and infostealer events between July 2025 and June 2026. A total of 1,471 historical data breaches and 278 active infostealer logs were recorded, impacting 110 employees and 1,639 clients. The majority of these events are linked to combolist sources, indicating potential credential stuffing or account takeover attempts. Malware families such as Redline, Acreed, and LummaC2 were observed, which are commonly used to exfiltrate sensitive information. The targeted services include "pro.meteofrance.com" and "particulier.meteofrance.com", suggesting that both professional and individual user data may be at risk. The primary geography of affected entities is France, with a smaller number in the United States and China. Given the high volume of data breaches and the presence of infostealer activity, this exposure presents a critical risk. The prevalence of combolist sources suggests a focus on credential compromise, which could lead to unauthorized access to sensitive employee and client data, financial information, and potentially further downstream impacts. Prioritization should focus on immediate incident response, including credential reset for all affected employees and clients, enhanced monitoring for suspicious activity on the "pro.meteofrance.com" and "particulier.meteofrance.com" services, and a thorough review of access controls and security configurations. Further investigation into the root cause of the data breaches and infostealer infections is also crucial to prevent recurrence.

Total Events

1,749
credential exposure events

Employee Affected Events

110
account email domain = meteofrance.com

Client Affected Events

1,639
service target = meteofrance.com

Free Community Account

Stop stolen credentials from logging in

Own this domain? Create a free Lunar account to see full exposure data and evidence.

12-Month Events Timeline

Event volume by breach date, employee VS client

EmployeesClients
4002671330
peak month 399
Jul 25Sep 25Nov 25Jan 26Mar 26May 26Jun 26

Infostealers VS Data Breaches

Live stealer logs VS data breaches

Infostealer logs
Events278
Share16%
Data breaches
Events1,471
Share84%
Infostealer logs (16%)
278events
Data breaches (84%)
1,471events

110 compromised employee accounts pose an infrastructure risk, while 1,639 leaked client credentials create regulatory liability.

Antivirus Distribution

Security Tools on Infected Endpoints

Windows Defender26
Windows Defender Reason Cybersecurity16

Malware Families Distribution

Distribution of Active Stealer Strains

Redline48
Acreed14
LummaC211
Rhadamanthys9
Remus7
Vidar7
StealC2
RisePro2

Top Login URLs

Top exposed services found in the event results

  1. 1https://pro.meteofrance.com/147
  2. 2pro.meteofrance.com146
  3. 3pro.meteofrance.com/128
  4. 4https://pro.meteofrance.com125
  5. 5https://particulier.meteofrance.com/inscription101
  6. 6https://particulier.meteofrance.com63
  7. 7particulier.meteofrance.com/inscription54
  8. 8particulier.meteofrance.com54
  9. 9meteofrance.com52
  10. 10https://services.meteofrance.com/50

Infostealer By Geography

Shows the distribution of Infostealer-related credential exposure events across different geographic regions. The location is determined by analyzing the metadata of the infected machines associated with each event.

France
Events114
United States
Events11
China
Events7
United Kingdom
Events3
Germany
Events3
Japan
Events2
Morocco
Events2

Country Breakdown

  1. 1France114
  2. 2United States11
  3. 3China7
  4. 4United Kingdom3
  5. 5Germany3
  6. 6Croatia3
  7. 7Japan2
  8. 8Morocco2

Services Classification Distribution

Blast radius - closer to core = more critical infrastructure, size = credential volume

-
Total

Operating System Distribution

Distribution of compromised endpoint builds

Windows 1140
Windows 10 Enterprise x6414
Windows 10 22H2 build 19045 (64 Bit)10
Windows 11 24H2 build 26200 (64 Bit)7
Windows 11 (Build 26100) (64 Bit)7

Leak Repository Classification

Where the exposed records currently reside

0
Named breaches
1,462
Combolist pools
9
Unattributed dumps

Disclaimer: This report includes AI-generated content. AI can make mistakes, so verify important findings independently before taking action.