leaksear.ch has indexed an ENI customer dataset containing 58,047 records, with a breach date of December 27, 2025, exposing names, email addresses and phone numbers alongside account metadata (leaksear.ch metadata). ENI is an Italian energy company with French retail and business energy operations; Clubic reported that ENI told French customers it had been the victim of an unauthorized disclosure after hackers published client data online (www.eni.com, www.eni.com, www.clubic.com).
What happened
Public reporting places the exposure at the end of December 2025. Clubic reported that an actor using the Lapsus-Group name posted an ENI file on a cybercrime forum on December 27, 2025, claiming 89,463 lines tied to French customer data. The same report said ENI confirmed in a message to customers that there had been an unauthorized disclosure of professional information (www.clubic.com).
Bonjour la fuite, a public French breach tracker, separately listed ENI on December 27, 2025 with 89,463 clients and data fields including name, email address, profile type, company name and function (bonjourlafuite.eu.org). leaksear.ch indexed 58,047 records from the ENI dataset; the collection's breach date in the index is December 27, 2025 (leaksear.ch metadata).
Neither the supplied metadata nor the public reporting reviewed for this article establishes the initial intrusion vector. The actor name should be treated as a claim from the forum post, not an attribution by leaksear.ch (leaksear.ch metadata).
What data was exposed
According to leaksear.ch metadata, the directly searchable pivots are email, name and phone (leaksear.ch metadata). Other stored fields include client reference, company or organization name, account creation date, last login date, job or function text, profile and account status (leaksear.ch metadata).
Public reporting also described business contact data such as company name, customer reference, professional email and professional phone number, and said ENI's customer notice stated that passwords, consumption histories and bank details were not compromised (www.clubic.com).
Why this matters
Names, professional emails, phone numbers, company names and customer references can be used to make supplier impersonation, payment-change, invoice or account-update messages look credible (leaksear.ch metadata, www.clubic.com). Account profile/status data and last-login dates can also help attackers prioritize or personalize phishing attempts (leaksear.ch metadata). Security teams should flag affected addresses and phone numbers for phishing monitoring, and individuals should verify ENI-related requests through official channels rather than replying to unsolicited messages. If you want to check whether your email, name or phone appears in this ENI leak, search leaksear.ch for your own exposure.
Check your exposure
Vetted researchers and incident-response teams can request access or sign in if they already have access to check this dataset. Searchable pivots for this leak include email, name, and phone.