More than 5 million IBAN numbers and 19 million customer accounts were compromised

A breakthrough that could be on an unprecedented scale! During the night, a hacker allegedly put the personal data of almost all Free customers up for sale. The leak has not yet been confirmed, and even if it is a false alarm, caution is still required.

© Saxx/Twitter

43.6GB file goes on sale on Amazon Dark Web SaxX Ethical Hacker Alerts onThis will include the personal data of more than 19 million Free Mobile and Freebox customers. The second file will contain the IBAN numbers of more than 5 million customers. A fact that does not fail to recall the serial hacks of which SFR has recently been a victim.

Read also:
50,000 SFR client files distributed over the Internet by French hackers!

The leak has not yet been confirmed by Free

As usual, this file for sale contains personal data, some of it sensitive, belonging to clients of the Xavier Niel Atelier. In addition to surnames, first names, phone and email details, other sensitive information will appear there such as postal address, Freebox ID or even banking details.

However, SaxX points out that this so-called hack should be taken with caution. The leak has not yet been confirmed by Free. At the moment, we only know that the hack occurred on October 17 and that the seller intends to transfer the files all at once through the systemWarrantyAn electronic intermediary system that guarantees the transaction of funds and data!

Last year, a hacker claimed to have compromised the data of 14 million customers, something Free strongly denied. Hence this could also be an attempt, either to ransom the operator, or to scam potential buyers.

This leak comes in a context in which hacking operations are piling up. Both between operators and in our public services (Pôle Emploi, CAF, France Connect, etc.). Let's also remember that Free is not an example in terms of cybersecurity. At the end of 2022, the CNIL condemned operator Iliad Group for failing to protect personal data.

Read also:
Free Mobile: A ridiculous fine for failing to protect personal data

What should we do if we are affected by this leak?

If you are a free customer and have any doubts, don't wait for a response! Here are the steps to take if your data is likely to be published on the dark web. These reactions should be adopted, both for individuals and for companies:

  • Update all your systems : Operating system updates for your devices plug security vulnerabilities. It is essential to do this when possible, on your smartphone, tablet and computer.
  • Use a password manager One of the most common mistakes is using the same password for all your accounts. The password manager allows you to create and save fairly complex passwords for each account.
  • Enable two-factor authentication (2FA) : It's an extra layer of security that takes the form of a second step of simple, quick authentication via email or SMS.
  • Be alert at all times : There are some small reactions that should be implemented automatically: never click on a suspicious link in an email or SMS, check suspicious communications on mailboxes and social networks and take a daily look at your bank account to make sure there are no suspicious transactions. that it And most importantly After a leak of this type, because malicious people can use the data generated by the leak to impersonate your operator.

Read also:
How do you secure your smartphone, tablet or PC? The ultimate guide!


Brooke Vargas

"Devoted gamer. Webaholic. Infuriatingly humble social media trailblazer. Lifelong internet expert."

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top