The second largest telephone operator in France, Free, suffered a cyberattack targeting one of its management tools, compromising certain personal data of its subscribers. The operator filed a complaint and claims that sensitive information, such as passwords and credit cards, was not affected.
Personal data compromised at Free
Free recently confirmed that it was the victim of a cyberattack targeting an internal management tool. This intrusion resulted in “ unauthorized access to part of the personal data associated with the accounts of certain subscribers », Declared the operator to Agence France-Presse (AFP). However, Free wishes to reassure its subscribers: no sensitive data, such as passwords, banking information or the contents of private communications (emails, SMS, voice messages), has been compromised.
Moreover, “ no operational impact was noted on [ses] activities and [ses] services », Specified the operator, who claims to have taken all the necessary measures to quickly secure its infrastructure and prevent possible future attacks.
In connection with this attack, Free immediately filed a criminal complaint with the public prosecutor. The competent authorities, namely the National Commission for Information Technology and Liberties (Cnil) and the National Information Systems Security Agency (Anssi), were also informed of the incident, in accordance with the legislation in force. force.
A new blow for French operators after the attack on SFR
Furthermore, Free indicates that potentially affected subscribers have been or will be notified by email in the coming days. A message was also sent by Free during the night from Friday to Saturday, inviting its customers to be vigilant in the face of a possible risk of phishing, in the form of fraudulent emails, SMS or calls.
This attack occurs in a tense context for telephone operators in France. A few weeks earlier, on September 19, SFR had also been the victim of a security incident involving a tool for managing its customers' orders. Unlike Free, the data leak at SFR involved sensitive information, notably bank details. Both incidents illustrate the growing vulnerability of operator management systems to the rise of sophisticated cyberattacks.
Free, the second largest telephone operator in France, is striving to stem the consequences of this unauthorized access, which remains limited in terms of scale according to current information. However, these incidents raise questions about the security of users' personal data and serve as a reminder of the importance of rigorous cybersecurity protocols, both for telephone operators and for companies with sensitive customer information.
Related News :