Customers of U brands learn that a new data leak is targeting them. A cyberattack hit the site stores-u.comthe customer area of Super U, Hyper U, U Express And Usefulcompromising loyalty accounts. Cooperative U confirms an external intrusion.
The cooperative sent an alert email on April 21, 2026 to affected customers and notified the CNIL within 72 hours, in accordance with GDPR. It ensures that banking data is intact. It remains to be seen what information was leaked and how to protect yourself.
Super U cyberattack: what customer data really leaked?
In his message, Super U explains having observed “suspicious activity” on certain accounts in the customer area stores-u.com and admits that they “were subject to unauthorized access”. The hackers thus recovered data linked to loyalty profiles.
Here are the categories of compromised information according to the cooperative:
- civility and marital status
- customer status (individual or professional)
- first and last name
- e-mail address
- mailing address
- phone number
- number of U card
The brand specifies that bank card numbers, IBAN and transaction history remain out of reach of attackers. On the other hand, the number of U card associated with this identity data is enough to target each customer precisely.
Super U cyberattack: what are the concrete risks for your account?
With this level of detail, scammers can send emails or text messages from phishing very credible, which includes your name, address and brand Super U. They appear, for example, as an account block, a voucher or an urgent update.
This targeted phishing, also called spear phishing, then aims to recover your real passwords or codes. In a context where CAF, National Education orANTS have already experienced leaks, this data can combine to further refine the scams.
Super U cyberattack: what should you do now?
If you have an account stores-u.comimmediately change your password via the “Forgotten password” function. Choose at least 8 characters, mix letters, numbers and symbols, and absolutely avoid reusing this password on other services, especially for your email or your bank.
There Cooperative U also recommends modifying the code PINE of your U card at the store reception, upon presentation of an identity document, in order to secure your kitty. In the coming weeks, be wary of any email or SMS mentioning Super U : do not click on the links and type the site address yourself.