Hundreds of thousands of customers affected by data leak after cyberattack on Boulanger brand – Libération

“Dear customer, on the night of September 6 to 7, Boulanger was the victim of an act of cybercrime,” begins the email sent by the brand to its customers this Monday, September 9. According to several specialized sites, including FrAndroid or mac4ever, a database of 27 million lines of information allegedly stolen from the household appliance brand is already for sale.

“Limited” accident and “increased” vigilance

“The data collected is only related to deliveries, but no banking data” tried to reassure Boulanger. In other words, some addresses, names or telephone numbers would be affected. Several hundred thousand customers would be victims of the attack, according to BFMTV. So many of them are seeing their personal information potentially leaked on the darknet.

Hackers and cybercriminals are indeed fond of this type of data, which allows them to set up tailor-made phishing scams for potential victims – for example, using fake delivery messages, with the targeted person’s personal information in support, to try to obtain new, more sensitive data. Or as part of identity theft.

Boulanger would have already “circumscribed” the incident and “reinforced” its vigilance both on its website and on its mobile application, according to the company’s communication. The brand also assured that it had notified all customers whose data had been stolen, in accordance with the GDPR.

However, the company did not describe in its email the probable consequences of the leak, nor communicate the contact details of the data protection officer, as required by the same European legislation, noted Guillaume Champeau on X (formerly Twitter). The digital law expert and founder of Numerama gave his advice and answered questions from disgruntled Internet users: “Nice… so you have your personal data out there but it doesn’t seem serious…” “Gaëtan” lamented in response to the email he received warning him of the cyberattack.