Free, the second-largest internet service provider in France, confirmed being hacked this weekend following the attempted sale of purportedly stolen customer information on a cybercrime forum.
The Paris-based company has issued a warning that personal data was compromised in the incident, has filed a criminal complaint with the country’s public prosecutor and has notified France’s cybersecurity agency, as reported by newspaper Le Monde on Saturday.
The nature of the cyberattack has not been confirmed. The company said the intruders targeted an internal management tool and that the unauthorized access involved “personal data associated with the accounts of certain subscribers.”
“The affected subscribers have been or will be informed by email shortly,” said the company, adding that passwords and bank card details were unaffected, as were the contents of any of its users’ communications.
Free has not confirmed the total number of individuals impacted by the breach, not when it took place.
The company’s acknowledgement of the incident followed a cybercriminal listing what they claimed were two databases stolen from Free, affecting more than 19 million customers, on a cybercrime forum.
“All necessary measures have been taken immediately to put an end to this attack and strengthen the protection of our information systems,” stated Free.
The incident follows another attack in September impacting SFR, another telecommunications operator in France, when a tool for managing customer orders was compromised.
Recorded Future
Intelligence Cloud.
No previous article
No new articles
Alexander Martin
is the UK Editor for Recorded Future News. He was previously a technology reporter for Sky News and is also a fellow at the European Cyber Conflict Research Initiative.
