French telephone operator La Poste Mobile suffered a ransomware attack

French virtual mobile telephone operator La Poste Mobile was hit by a ransomware attack that impacted administrative and management services.

The ransomware attack hit the virtual mobile telephone operator La Poste Mobile on July 4 and paralyzed administrative and management services.

The company pointed out that threat actors may have accessed data of its customers, for this reason it is recommending them to be vigilant. The company highlight the risks of identity theft or phishing attacks in case their data have been compromised.

“The administrative and management services of La Poste Mobile fell victim, on Monday July 4, to a malicious ransomware-type virus. As soon as we became aware of this incident, we took the necessary protective measures by immediately suspending the computer systems concerned. This protective action has led us to temporarily close our website and our customer area,” reads a statement published by the company on its website that is still down. “Our IT teams are currently diagnosing the situation. Our first analyses establish that our servers essential to the operation of your mobile line have been well protected. On the other hand, it is possible that files present in the computers of La Poste Mobile employees have been affected. Some of them may contain personal data.”

For any additional information concerning personal data, customers can contact La Poste Telecom customer service at the following address: mesdonneespersonnelles@lapostemobile.fr

Who is behind the attack?

The Lockbit ransomware operation added the name of La Poste Mobile on its leaksite overnight from Thursday to Friday.

The gang has been active since at least 2019 and today it is one of the most active ransomware gangs. Recently, the Lockbit ransomware operation has released LockBit 3.0, which has important novelties such as a bug bounty program, Zcash payment, and new extortion tactics.

Recent incidents attributed to the group include attacks on a Foxconn factory, a Canadian fighter jet training company, and a popular German library service.

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, ransomware)

[adrotate banner=”5″]

[adrotate banner=”13″]

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.