The personal data of 705,000 former candidates for Parcoursup now find themselves in unknown hands. The Ministry of Higher Education recognized that a cyberattack targeting an internal module of the platform, in October 2025, allowed a hacker to massively siphon the files of high school students and students attached to the Occitanie academic region.
Particularly worrying, the intrusion was only detected in March 2026, almost six months after the events. In a context of black series for public services, already hit by leaks of theANTS or National Education, this cyberattack Parcoursup directly questions the State’s capacity to monitor its own systems.
Parcoursup cyberattack: how could 705,000 files have been leaked for almost six months?
According to official explanations relayed by the specialized press, the attacker did not penetrate the servers of Parcoursup spectacularly. He used the identifiers of an agent from the Occitanie academic region to pretend to be him and access an internal data management tool, normally reserved for authorized personnel.
Once inside, the hacker was able to discreetly view and extract the information. The incident was only reported to the ministry’s teams “during March” 2026, via a report the nature of which is not detailed. During these months of silence, no monitoring mechanism identified the abnormal activity on this internal account.
Parcoursup hacked: what data of candidates and their families was exposed?
According to the ministry, the leak concerns candidates who resided in Occitania or who made wishes there on Parcoursup during the 2023 and 2025 sessions, i.e. 705,000 people. The stolen data covers marital status (surname, first name, date of birth, nationality), complete contact details, but also the course followed, the training envisaged and the scholarship status.
For minor candidates, the hacker also retrieved data on parents or legal guardians: relationship and socio-professional category. Enough to build very credible scam scenarios, targeting both young people and their families, by email, SMS or telephone, pretending to be Parcoursupa high school or the ministry.
Parcoursup cyberattack: what are the risks for candidates and what will this data leak change?
Aware of this potential, the ministry calls “all users concerned to be vigilant regarding possible attempts at phishing, fraud or identity theft which remain possible following this disclosure”, indicates the official press release cited by 01net. Concretely, expect messages that include your real sector, your high school or your scholarship status to encourage you to click on a link or provide supporting documents.
The ministry claims to have cut off access to the compromised data, seized the CNIL and filed a complaint with the Paris prosecutor’s office. He also claims to have anonymized the module concerned for all sessions, reset the identifiers and tightened the access conditions, classic measures but which do not erase the very late detection time.
This Parcoursup leak is in addition to recent hacks of ANTS, National Education or Service-public.gouv.fr, which exposed millions of French people. It illustrates the vulnerability of privileged accounts and puts pressure on the State to strengthen the detection of intrusions into its services.