More than 500,000 customers who may have questions. Auchan was “the victim of a cyberattack” targeting “part of the personal data” of its customers “associated with a loyalty account”. The northern distributor announced that this attack had been notified to the National Commission for Information Technology and Liberties (Cnil), and it also sent an email to the customers concerned. 20 Minutes takes stock of the procedure to follow and the risks, while Auchan, which wants to be reassuring, suggests, if in doubt, modifying its security codes.
What data is concerned?
The data stolen by computer hackers from Auchan concerns “the last name, first name, email address, postal address, telephone number, family composition if provided, date of birth, health card number loyalty and the amount of the loyalty kitty,” detailed a spokesperson for the northern group on Wednesday. On the other hand, “banking data, passwords and PIN codes for loyalty cards are not affected”, she assured, specifying that the incident had been “contained” and “vigilance reinforced”.
What should we do if our data has been stolen?
In an email addressed to its customers, and that 20 Minutes was able to consult, Auchan invites “the greatest vigilance to the risk of fraudulent emails, SMS or calls” (phishing). Please note that if you receive (succeed in detecting) spam by SMS, you can forward it without comments to 33.700. Which serves as a signal.
The Auchan team also suggests changing your security codes, even if they are not affected by the theft. If you have any questions, you can contact customer service on 03 59 30 59 30 Monday to Saturday from 8 a.m. to 9 p.m., and Sunday from 8:30 a.m. to 1 p.m.
If your doubts persist, you can contact the official digital victim assistance service www.cybermalveillance.gouv.fr to make a report and obtain help. The rest of the good reflexes to have can be seen in the video above.
What are we at risk if our data has been stolen?
All this data could make it possible to create “fake profiles or try to scam you using your personal information”, underlines UFC Que Choisir. The theft of your telephone number, data on your “family composition” or your date of birth can, in fact, allow cyberhackers to know a lot about you, to put you at ease and, therefore, to “put in place a plan of attack likely to make you fall into a scam, as our friends atWest France.
“Information can be grouped together. If we find part of the information in one database and part in another, we can make the link between the two. The more complete the information, the more elaborate the scam can be and becomes difficult to detect,” says Corinne Henin, cybersecurity expert interviewed by LCI.
Our file and our solutions to cyberattacks
So what scams are these? Our colleagues list false emails which usurp the visual identity (logo, header) of taxes, the traffic offense payment service or quite simply, Auchan customer service with the marketing of false cards with loyalty points , “an imitation of official mail including a false public official, a false signature or even a false stamp”. “Auchan will never ask you to communicate anything by email, even less banking or personal data,” insisted Auchan's customer relations director, Nathalie Louis, to TF1.
