Coté Sushi Database Allegedly Leaked - 1.1m Records Exposed

Claim Summary

An actor using the alias “placenta” has posted on a dark web forum, allegedly leaking a database from the French restaurant chain Coté Sushi. The post, dated March 10, 2026, claims the data was originally compromised in March 2025 and contains approximately 1.1 million customer records. The actor has provided a download link behind a registration wall and included a file hash and size details.

What Is Allegedly Exposed

According to the unverified post, the compromised dataset purportedly includes customer names, email addresses, phone numbers, and dates of birth. The actor specifies that there are over 701,000 unique email addresses and nearly 957,000 unique phone numbers within the claimed 1.1 million total records. The post states the uncompressed data file is roughly 124 MB.

Threat Actor Profile

The post author operates under the moniker “placenta.” There is no immediate indication this is an established or high-reputation threat actor within the cited forum ecosystem. The act of re-leaking data allegedly obtained by an “unknown threat actor” over a year prior could suggest this is a redistribution post rather than a direct breach claim, which is a common practice to gain forum credibility. The newness of the account or lack of a known history would be a red flag regarding the credibility of the actor’s direct involvement in the initial compromise.

Potential Impact

If the claims are valid, the exposure of personal identifiable information (PII) like dates of birth, phone numbers, and email addresses could pose significant risks. Affected individuals could face targeted phishing campaigns, smishing attacks, identity theft attempts, and an increase in spam. The inclusion of dates of birth is particularly sensitive, as this data is often used in security verification and identity fraud. For the organization, Coté Sushi, this could lead to reputational damage, regulatory scrutiny under laws like the GDPR, and potential legal liabilities.

What to Watch For

• Verification of Claims: The provided MD5 hash (6FD461E6CC5AF4B9AB7B1E05044D75AE) could be used by security researchers to identify this specific dataset if it appears elsewhere. Monitoring for this hash is advised.
• Data Circulation: Observe if samples of the alleged data appear on other forums, paste sites, or in credential stuffing lists. The claim of 1.1 million records is a specific figure that can be checked against other breach repositories.
• Targeted Phishing: An increase in phishing emails or SMS messages targeting customers of Coté Sushi, especially those referencing specific personal details, could serve as indirect confirmation of the leak’s validity.
• Official Statement: Monitor for any official communication or data breach notification from Coté Sushi regarding an incident in March 2025 or currently.

Disclaimer

This report details unverified allegations from a dark web forum. Yazoul Security has not independently confirmed the validity of this data breach claim. The existence of the breach, the scope of the data, and the threat actor’s involvement are all based solely on the forum post. The information is provided for situational awareness and proactive defense planning only. All claims should be treated as alleged until corroborated by credible evidence or an official statement from the affected organization.