One of many largest web suppliers in France, Free S.A.S, has confirmed that it just lately suffered a cybersecurity breach after a hacker tried to promote what presupposed to be stolen information from the organisation on the darkish net.
Free instructed Le Monde that non-public information associated to some prospects had certainly compromised after an attacker focused a administration device.
Nonetheless, in accordance with the agency, no passwords, financial institution card info, or the contents of communications (emails, SMS, or voicemails) had been compromised by the assault.
Moreover, Free says that its companies haven’t been impacted by the incident.
Nonetheless, the hacker (who calls themselves “drussellx”) posted a message on a darkish net cybercrime discussion board providing up for public sale two databases stolen from Free – containing particulars of over 19 million buyer accounts, and over 5 million IBAN particulars.
Free has been eager to downplay the importance of the leak of the IBAN particulars, saying that it’s “not sufficient to make a direct debit from a financial institution.”
Based on the hacker, the info being provided on the market was exfiltrated on 17 October 2024, and accommodates the names, phone numbers, electronic mail and postal addresses, and dates of start of Free prospects.
Free, which claims to have over 22 million subscribers, has not confirmed what number of prospects have been impacted by the info breach.
Involved Free customers could be smart to take steps to raised defend themselves from exploitation. These embody:
- Strengthening their password safety by ensuing that they solely use sturdy, distinctive passwords.
- Enabling multi-factor authentication wherever accessible to make it harder for malicious hackers to interrupt into accounts.
- Set up the newest safety updates.
- Be cautious of clicking on unsolicited hyperlinks despatched by way of SMS or electronic mail, as they might result in a phishing assault or malicious obtain.
- Stay vigilant of messages and telephone calls which purport to come back from the hacked firm, because it could possibly be fraudsters utilizing stolen account info to pose as the corporate.
- Advise associates and households to take related steps to harden their safety.
Free says that it has contacted the authorities and regulators concerning the safety breach, and that it is going to be informing affected prospects by way of electronic mail within the coming days.
