Pierluigi Paganini October 28, 2024

French internet service provider (ISP) Free disclosed a cyber attack, threat actors allegedly had access to customer personal information.

Free S.A.S. is a French telecommunications company, subsidiary of Iliad S.A. that provides voice, video, data, and Internet telecommunications to consumers in France. The company is the second-largest ISP in France with over 22.9 million mobile and fixed subscribers.

Free disclosed a cyber attack over the weekend after a threat actor attempted to sell the stolen data on a popular cybercrime forum. The threat actors had access to the internal management tool and gained access to some subscribers’ personal data.

“Free was “the victim of a cyberattack targeting a management tool” leading to “unauthorized access to some of the personal data associated with the accounts of certain subscribers ,” the second largest telephone operator in France confirmed to Agence France-Presse (AFP) on Saturday, October 26.

“No passwords” , “no bank cards” , “no content of communications (emails, SMS, voice messages, etc.)” are affected by this attack, the date and extent of which have not been specified, the company added. “No operational impact has been observed on (its) activities and (its) services. “”

The telecommunications firm has filed a criminal complaint and informed France’s agencies National Commission for Information Technology and Civil Liberties (CNIL) and the National Agency for the Security of Information Systems (ANSSI).

The company said that passwords and bank card details were not compromised, it also pointed out that its customers’ communications were not exposed.

The seller listed two databases for sale one containing 19,192,948 customer accounts and another including 5.11 million IBAN details.

The seller also published a sample of the stolen data and some screenshots.

Exposed customers’ data includes First and last names, Phone numbers, Full postal addresses, Dates of birth, Emails, and more.

“This suspected data breach reportedly affects Free Mobile and Freebox customers, with the data leak dating back to October 17, 2024, according to the cybercriminals.” wrote the cyber evangelist SaxX. “Additionally, the cybercriminal’s profile was created just yesterday. Recently, many cybercriminals have been creating profiles shortly before sharing information about hacks, attacks, or data leaks in France.”

“Thus, this information should be taken cautiously until confirmed. There has been a rise in the use of AI-generated data leaks, a trend I mentioned weeks ago.”

The company has promptly taken measures to mitigate the security breach.

“All necessary measures have been taken immediately to put an end to this attack and strengthen the protection of our information systems,” stated Free.

Recently, Telecom operator SFR disclosed a data breach exposing customer information, including IBANs.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, data breach)