Free ISP announces data breach, millions of users possibly affected

3 weeks ago

Image Credit: Shutterstock (Image credit: Shutterstock)

One of nan biggest net work providers (ISP) successful France has confirmed suffering a cyberattack that saw it suffer delicate customer data.

A threat character othername “drusselx” opened a caller thread connected nan infamous Breach forums, advertizing a awesome database for sale, claiming it contains information connected 19.2 cardinal Free customers, and holds much than 5.11 cardinal IBAN numbers.

An IBAN (International Bank Account Number) is simply a unsocial identifier for slope accounts utilized successful world transactions to guarantee accuracy and streamline cross-border payments. While an IBAN cannot beryllium utilized straight to make money withdrawals, it is still a valuable portion of accusation that tin beryllium abused successful different ways. “It affects each Free Mobile and Freebox customers, and includes nan IBANs of each 5.11 cardinal Freebox subscribers,” nan advertisement concluded.

Smash and grab

"The affected subscribers person been aliases will beryllium informed by email shortly," a Free spokesperson told BleepingComputer. "No operational effect was observed connected our activities and services" nan spokesperson added, stating that "all basal measures were taken instantly to put an extremity to this onslaught and fortify nan protection of our accusation systems."

It seems this was a elemental smash-and-grab. The institution revenge a criminal complaint, and notified nan due authorities. Free besides added that nan crooks did not bargain passwords, slope paper information, and communications contented (even though drusselx did not mention it).

The ISP had almost 23 cardinal subscribers this summer, and is considered nan second-largest telecommunications institution successful France.

It warned customers to beryllium vigilant of immoderate suspicious slope transfers, noting, "If subscribers nevertheless announcement an different nonstop debit, not corresponding to immoderate day and nary known invoice amount, their slope is obliged to reimburse them. They person 13 months to study nan fraudulent nonstop debit."

Sign up to nan TechRadar Pro newsletter to get each nan apical news, opinion, features and guidance your business needs to succeed!

More from TechRadar Pro

T-Mobile will salary FCC millions successful colony complete aggregate information breaches
Here's a database of nan best firewalls today
These are nan best endpoint protection tools correct now

Sead is simply a seasoned freelance journalist based successful Sarajevo, Bosnia and Herzegovina. He writes astir IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, information breaches, laws and regulations). In his career, spanning much than a decade, he’s written for galore media outlets, including Al Jazeera Balkans. He’s besides held respective modules connected contented penning for Represent Communications.

Source Technology