Cyber Threat Actor: HommedeLombre
| Actor Type | Location | Known Incidents |
Activist
|
France
|
1 incident |
|---|
Profile
The threat actorknown by the alias HommedeLombre operates from France. The actor identifies as a hacktivist and has been active in public forums. No further personal details or real identity have been disclosed in open sources. The alias appears in a hacker forum where the actor announced the compromise of a customer database. The actor’s activity to date is limited to a single reported operation.
The reported operation targeted the French energy company Engie. The breach occurred on 23 August 2023 and exposed personal data of approximately 110 000 Engie customers. The data included names, emails, phone numbers and cities, but deliberately excluded home addresses and financial information. The actor stated that the action was a protest against rising gas prices in France. Engie confirmed the incident, filed a complaint and began cooperating with law enforcement.
Initial access was gained through a vulnerability in an external provider that managed Engie’s monespaceprime website. The actor retrieved the customer database without deploying malware. No specific malware families, tools or custom tooling were mentioned in the source material. The actor is described as a member of a hacker forum with no evident state sponsorship or affiliation to a criminal consortium. The Engie breach remains the only publicly documented campaign attributed to HommedeLombre.
