Brinztech Alert: The Alleged Database of INSEE is Leaked

Dark Web News Analysis

The dark web news reports the circulation of a massive database linked to the Institut National de la Statistique et des Études Économiques (INSEE). A threat actor on a major hacking forum (BreachForums) has published a dataset titled “Base Deces France Complet 1970–2025”, containing approximately 28.5 million records.

While INSEE publishes much of this data legally as “Open Data,” its appearance on cybercrime forums marks a shift in intent. The dataset includes highly specific administrative details: Full Names, Dates of Birth, Places of Birth (INSEE Codes), Dates of Death, Death Certificate Numbers, and “Opposition” Flags (indicators of privacy requests). The aggregation of this data into a searchable, weaponized format is designed to facilitate fraud.

Key Cybersecurity Insights

The sale of “public” administrative data on the dark web might seem redundant, but it powers specific, high-level fraud techniques known as “Ghosting”:

• “Ghosting” (Identity Theft of the Deceased): Criminals use the Full Name, Date of Birth, and Place of Birth of a recently deceased person to apply for loans, credit cards, or benefits. Since credit bureaus and banks may take months to update their “deceased” flags, these applications often pass initial automated checks.
• Inheritance & Genealogy Fraud: Scammers use the Death Certificate Numbers and location data to target the surviving families. They may contact relatives claiming to be lawyers or notaries handling a “forgotten life insurance policy” or “unclaimed asset,” requiring an upfront fee to release the funds.
• Synthetic Identity Building: The INSEE Codes (Code Commune) are critical for reconstructing valid French Social Security numbers (NIR). Attackers mix real data from deceased individuals with fake contact info to create “Synthetic Identities” that are harder for algorithms to detect.
• SIRENE Phishing (Business Owners): While this specific leak targets the death registry, it often correlates with scams targeting the SIRENE database (companies). Fraudsters impersonate INSEE to demand payment for “mandatory registration” or “KBIS updates” from new business owners, using the public data to lend credibility to the invoices.

Mitigation Strategies

To protect your organization and family from administrative data abuse, the following strategies are recommended:

• Family Vigilance: If a family member has recently passed away, ensure that all their accounts (bank, social media, email) are officially closed or memorialized immediately. Be skeptical of any unsolicited contact regarding their “assets.”
• Data Cross-Referencing: Financial institutions should update their KYC (Know Your Customer) processes to ingest the INSEE Fichier des Décès updates in near real-time (daily/weekly) rather than monthly, to close the window of opportunity for “Ghosting” fraud.
• SIRENE Awareness: Business owners must remember that INSEE never asks for payment to register a company or update a SIRET number. Any email or letter demanding fees for “Sirene Registration” is a scam.
• GDPR Rights: While death cancels GDPR rights for the individual, living relatives can request the suppression of data if its publication harms their privacy or security (via the “Opposition” flag), though this is complex for public registries.

Secure Your Business with Brinztech — Global Cybersecurity Solutions

Brinztech protects organizations worldwide from evolving cyber threats. Whether you’re a startup or a global enterprise, our expert solutions keep your digital assets safe and your operations running smoothly.

Questions or Feedback?

For expert advice, use our ‘Ask an Analyst’ feature. Brinztech does not warrant the validity of external claims. For general inquiries or to report this post, please email us: contact@brinztech.com