Overview
- The company says it detected the intrusion on December 23 and cut off exposure the same evening.
- Exfiltrated fields include names, email and postal addresses, phone numbers, shipment and order numbers, and detailed delivery statuses.
- Mondial Relay reports no banking data, passwords, or payment information were accessed.
- Corrective steps included suspending compromised access, hardening security controls, and opening a technical investigation, with affected users notified by email and a formal complaint planned.
- The firm has not disclosed how many customers are affected, and the incident comes during the peak holiday parcel season days after a separate attack on La Poste, raising phishing risks.