“This attack resulted in unauthorized access to some of the personal data associated with your subscriber account: first name, last name, email and postal addresses, telephone number, subscriber identifier, IBAN and contractual data (type of offer subscribed, subscription date, active subscription or not). » In an email sent to its subscribers this Monday morning, Free, the second largest telephone operator in France, confirms having been “the victim of a cyberattack targeting a management tool”. The rumor had been circulating since last Monday, knowing that a hacker would have put the personal data of 19 million Free customers for sale on the Dark Web. And not only that. 20 Minutes takes stock.
What happened?
Free was “the victim of a cyberattack targeting a management tool” leading to “unauthorized access to part of the personal data associated with the accounts of certain subscribers”, the second largest telephone operator in France confirmed this Saturday in a press release. “No operational impact was noted on (its) activities and (its) services,” added Free, who did not specify the date or scale of the attack.
Since then, the personal data of 19.2 million Free customers and the banking details of more than five million of them have been for sale on the Dark Web. This revelation was made on X by ethical hacker and cybersecurity expert SaxX. A revelation spotted last week by the Presse-Citron website. Clément Domingo, aka SaxX, also assured that the attack had been claimed by a cybercriminal and had taken place on October 17.
By clicking on“I accept”you accept the deposit of cookies by external services and will thus have access to the content of our partners.
More information on the Cookie management policy page
I accept
What data is affected by this attack?
In detail, the cybercriminal behind the attack would offer a first file of more than 43 gigabytes which would include the names, first names, postal addresses, telephone numbers, e-mails and even the Freebox identifiers of the customers. The hacker also claims to have gotten hold of the banking details (Iban) of more than 5.11 million subscribers. These would be contained in a second file.
“No password”, “no bank card”, “no content of communications (e-mails, SMS, voice messages, etc.)” are affected, for its part, the company assured this Saturday.
How will subscribers know if they are affected?
“The subscribers concerned have been or will be informed by e-mail shortly,” the operator said on Saturday. And, this Monday morning, in an email sent to its subscribers, Free assured its customers: “None of your passwords are affected. » “All necessary measures were taken immediately to put an end to this attack and strengthen the protection of our information systems”, further advances the operator.
“We invite you to be extremely vigilant regarding the risk of fraudulent emails, SMS or calls. Please note that our advisors will never ask you for your passwords orally,” warns Free, which says it “sincerely regrets this breach of confidentiality” of its subscribers’ information.
“We invite you to be extremely vigilant regarding the risk of fraudulent emails, SMS or calls. Please note that our advisors will never ask you for your passwords orally,” advises the operator. And give a toll-free number (0 805921100) and the email of the official assistance service for digital victims www.cybermalveillance.gouv.fr.
According to ethical hacker SaxX, it is difficult to know whether this is a bluff intended to put pressure on the operator or whether the data was indeed stolen. If in doubt, Free customers are recommended to change their access codes, use a password manager and activate two-factor authentication. If they are victims of phishing, they will also have to be vigilant against any suspicious links received by email or SMS.
Finally, it is advisable to frequently check your bank accounts in order to quickly detect an unusual transaction.
Where is the investigation?
“A criminal complaint has been filed with the Public Prosecutor,” Free said on Saturday, after an internal investigation lasting several days. The National Commission for Information Technology and Liberties (Cnil) and the National Information Systems Security Agency (Anssi) have been notified, as provided for by law.
“A criminal complaint was also filed with the public prosecutor. The perpetrator of this offense faces a sentence of five years' imprisonment and a fine of 150,000 euros,” the operator assured this Monday in its email sent to its subscribers. For the moment, no price has been announced by any pirate even if, still according to Presse-Citron and RTL, the criminal has announced that he wants to sell these files via an “escrow agreement”, a method involving a trusted third party. of the Dark Web to ensure that the transaction goes through without a hitch.
