One of many largest web suppliers in France, Free S.A.S, has confirmed that it just lately suffered a cybersecurity breach after a hacker tried to promote what presupposed to be stolen information from the organisation on the darkish internet.
Free informed Le Monde that non-public information associated to some prospects had certainly compromised after an attacker focused a administration software.
Nevertheless, in line with the agency, no passwords, financial institution card info, or the contents of communications (emails, SMS, or voicemails) had been compromised by the assault.
Moreover, Free says that its companies haven’t been impacted by the incident.
Nonetheless, the hacker (who calls themselves “drussellx”) posted a message on a darkish internet cybercrime discussion board providing up for public sale two databases stolen from Free – containing particulars of over 19 million buyer accounts, and over 5 million IBAN particulars.
Free has been eager to downplay the importance of the leak of the IBAN particulars, saying that it’s “not sufficient to make a direct debit from a financial institution.”
In accordance with the hacker, the info being supplied on the market was exfiltrated on 17 October 2024, and accommodates the names, phone numbers, electronic mail and postal addresses, and dates of start of Free prospects.
Free, which claims to have over 22 million subscribers, has not confirmed what number of prospects have been impacted by the info breach.
Involved Free customers can be clever to take steps to raised defend themselves from exploitation. These embrace:
- Strengthening their password safety by ensuing that they solely use robust, distinctive passwords.
- Enabling multi-factor authentication wherever obtainable to make it harder for malicious hackers to interrupt into accounts.
- Set up the most recent safety updates.
- Be cautious of clicking on unsolicited hyperlinks despatched through SMS or electronic mail, as they may result in a phishing assault or malicious obtain.
- Stay vigilant of messages and cellphone calls which purport to return from the hacked firm, because it could possibly be fraudsters utilizing stolen account info to pose as the corporate.
- Advise associates and households to take related steps to harden their safety.
Free says that it has contacted the authorities and regulators in regards to the safety breach, and that it will likely be informing affected prospects through electronic mail within the coming days.
