Data resold for €160,000
According to cybersecurity expert Damien Bancalthe hacker sold the data for approximately 160 000 €. This information includes the surnames, first names, email and postal addresses, dates of birth et IBAN millions of Free customers. However, no password or credit card details are not included in this leak.
What are the risks of IBAN theft?
And IBAN is your bank account identifier, used for payments and direct debits. According to the CNILa hacker could use it to issue fraudulent direct debit orders or usurp the customer's banking identity. The authorities recommend remaining attentive to prevent any illegitimate collection.
How to protect yourself if you are affected
Here are the recommendations from the CNIL to protect your account:
Monitor transactions on your account and file an objection in the event of suspicious activity.
Check the list of authorized creditors in your banking area. Be vigilant against phishing attempts : never communicate passwords or banking information by email or telephone.
What to do in the event of a fraudulent debit?
In the event of unauthorized collection, the French Banking Federation remind you that you have 13 months to contest the transaction, or 70 days if payment took place outside the EU. These remedies are essential to limit financial losses.
How to check if your data has been compromised?
To check if your email address has been affected by a data leak, you can use the site Have I Been Pwnedwhich will alert you if your email appears in a leak. Google also offers a Dark Web Report in the security settings of your account to check if your data has been circulated. However, this report is not available with Google Workplace.
Detailed information on the steps to follow is available on cybermalveillance.gouv.fr.