The days follow each other and, unfortunately, are similar. After Free, Auchan and Picard, it is the turn of Direct Assurance, a subsidiary of the Axa insurance group, to be the victim of a personal data leak. Contacted by us, a spokesperson confirmed the information.
15,000 customers affected
This leak is the result of a cyberattack suffered by “one of the suppliers” of Direct Assurance. The author thus managed to get his hands on the personal data of 15,000 customers of the company. Which corresponds to “1%” of the total users of the company's services.
Are concerned “surnames, first names, date of birth, postal address, email address, telephone number and IBAN“, the spokesperson clarified. “Each“victim was contacted for”warn them, apologize, tell them that we are at their disposal and above all provide them with prevention advice“.
The CNIL alerted
As required by law, given the scale of the leak, the National Commission for Information Technology and Liberties (Cnil) was alerted. However, no complaint has yet been filed, indicated the Axa subsidiary.
Faced with the increase in data leaks, the French data protection authority has published a list of advice, particularly where IBANs are concerned. Indeed, this identifier can in certain cases allow a hacker to issue illegitimate direct debit orders which target IBANs obtained fraudulently. The hacker can also, more directly, usurp the IBAN of another person by communicating them when creating a direct debit mandate as part of a subscription to a service.
Selected for you
