French police arrest 21-year-old “HexDex” hacker over 100 alleged data breaches

INDUSTRY NEWS 2 min read French police arrest 21-year-old "HexDex" hacker over 100 alleged data breaches Graham CLULEY April 28, 2026 Promo Protect all your devices, without slowing them down. Free 30-day trial A 21-year-old man suspected of conducting approximately 100 data breaches since late 2025 - including a hack of the French Ministry of National Education that exposed records on almost a quarter of a million employees — has been arrested at his home in western France. According to French prosecutors, the man was reportedly preparing to dump yet another collection of stolen data online at the time of his arrest on 20 April, and has admitted to using the pseudonym "HexDex" online. The police investigation began on 19 December last year, when the Paris prosecutor's cybercrime unit received around 100 reports of data exfiltration, all apparently linked to the same perpetrator. The man has since been formally charged with six offences, four of which carry the 'organised gang' aggravator under French law, and has been remanded in custody pending trial. In an interview given before his arrest, HexDex reportedly described his motivation as purely financial." HexDex's alleged victims reportedly include: The French Ministry of National Education - where he is said to have compromised Compas, the trainee teacher management system, exposing names, home addresses, phone numbers, and absence records for around 243,000 employees. The SIA, France's national firearms registry. The e-campus platform used to train France's national police force. The trade unions CFDT and FO. Paris's Philharmonie concert hall. Numerous French sports federations: sailing, athletics, motor sports, gymnastics, skiing, rugby league, aikido, university sport, mountain and climbing, American football, hiking, aeronautics, canoeing and kayaking, disability sports, and savate. French food banks. The hotel chains Logis Hôtels France and Brit Hotel. Stolen data is said to have been republished on the cybercriminal marketplaces BreachForums and DarkForums, where his account is now displaying a message saying that it "had been seized." Although HexDex has been linked to many data breaches, the authorities in France have been at pains to point out that he is not believed to be responsible for the recent breach of the ANTS portal, which may have exposed data on up to 12 million account holders. If French police have indeed captured the true culprit, what's striking is that the breaches were not the work of a state-sponsored gang or slick ransomware group. Sometimes it can just be one young man, working from home, methodically exploring which organisations have not secured their systems properly. The volume of breaches (roughly four claimed per week, for months on end) illustrates the depressing reality that even in 2026 we still have many web-facing systems with little or no authentication, unpatched vulnerabilities, and default passwords waiting to be guessed. Organisations would be wise to wake up to the importance of better security systems with multi-factor authentication (MFA), keeping networks and apps patched, strong access controls, and a tested incident response plan. For every HexDex who eventually gets a knock on the door from the police, there are sadly plenty more still beavering away. The best way to prevent your organisation from being the next one targeted by hackers is to make yourself less attractive than the next organisation along. TAGS industry news AUTHOR Graham CLULEY Graham Cluley is an award-winning security blogger, researcher and public speaker. He has been working in the computer security industry since the early 1990s. View all posts RIGHT NOW TOP POSTS SCAM HOW TO Scammer phone number lookup. How to check if a phone number is a scam April 19, 2024 INDUSTRY NEWS DATA BREACH Rockstar Games confirms breach after ShinyHunters leaks stolen analytics data April 14, 2026 FAMILY SAFETY Is your child addicted to screens? What parents should watch for, according to a therapist March 19, 2026 INDUSTRY NEWS MOBILE SECURITY Fake WhatsApp Clone Used in Spyware Campaign, Meta Warns April 02, 2026 FOLLOW US ON SOCIAL MEDIA YOU MIGHT ALSO LIKE INDUSTRY NEWS SCAM Social Media Scams Cost Americans $2.1 Billion in 2025, FTC Warns Filip TRUȚĂ April 28, 2026 4 min read INDUSTRY NEWS French police arrest 21-year-old "HexDex" hacker over 100 alleged data breaches Graham CLULEY April 28, 2026 2 min read INDUSTRY NEWS MOBILE SECURITY iOS Flaw Exposes ‘Deleted’ Message Data Through Notifications – Patch Now! (iOS 26.4.2 and iOS 18.7.8) Filip TRUȚĂ April 23, 2026 4 min read BOOKMARKS You have no bookmarks yet. Tap to read it later.