France‘s second largest telephone operator has been targeted by a serious cyber attack. As of Friday evening, Free informed its customers that it had been “the victim of a cyber attack against a management tool.” In the email sent to affected subscribers, which Le Parisien was able to consult, the operator explains that this attack “resulted in unauthorized access to part of the personal data associated” with their account.
Names, first names, email and postal addresses, dates and places of birth, telephone numbers, subscriber identifiers and contract data were thus stolen. “No passwords, no bank cards and no content of communications (emails, SMS, voice messages, etc.) are affected”, Sabato Libero informs us, which specifies that “the affected subscribers have been or will be informed via e – email soon”, without providing details on the number of customers affected.
The mobile operator assures that “all necessary measures were immediately adopted to put an end to this attack and strengthen the protection of our information systems” and that the attack was notified to the National Commission for IT and Freedoms (CNIL) and to the National Information Office, Agency for Systems Security (ANSSI).
A complaint was also filed with the Public Prosecutor’s Office. The perpetrator of this crime risks a sentence of 5 years in prison and a fine of 150,000 euros.
Millions of customers potentially affected
The attack was claimed earlier in the week. thecybersecurity expert SaxX_ reported on his X account on Tuesday that “two databases allegedly belonging to Free” were put up for sale on a popular site for reselling stolen data, sharing screenshots. The first concerns “19,192,948 customer accounts” and the other consists of “5.1 million IBAN data”. According to him, the data leak dates back to October 17.
On Friday evening, after Free confirmed the data leak from its customers’ files, SaxX_ said on the same social network that “according to some further information received, the cyber criminal would have received offers to purchase the two databases for around 50,000 euros! “. According to him, “we are facing one of the most significant cyber attacks in recent years for a telephone operator in France! »
How to react?
In his email, Free urges all his clients “to exercise maximum vigilance” in the days and weeks ahead “when faced with the risk of fraudulent emails, SMS or calls”, specifying that their advisors “do not ask never the word of goes oral”. . Do not click on links received via SMS or email and, in case of suspicion, it is advisable to contact the official digital victim support service on www.cybermalveillance.gouv.fr to make a report.
The government website remember that a leak of personal data can have “multiple possible consequences” for the person who is the victim, from phishing to fraud, through extortion, identity theft, cyberstalking or even attempts to hack into the online accounts he or she owns.
As with any cyber attack, changing your passwords is highly recommended. In case of fraudulent use of the personal data communicated, Cybermalveillance begins to “keep all evidence (messages, website address, screenshots, etc.)” and to file a complaint at the police station or the gendarmerie brigade, or in writing to the public prosecutor of the judicial court of which you are a member.
#Free #Customer #personal #data #stolen #cyber #attack