Free Mobile Data Breach: 19 Million French Customers Exposed

By Ava McKinneyOnline Safety

Free Mobile Data Breach: 19 Million French Customers Held Hostage by Hackers

Two databases belonging to the French telecom operator Free have been put up for sale on the dark web. The leaked information reportedly affects both Free Mobile customers and subscribers of the Freebox internet platform. The two databases contain personal data of over 19 million people, as well as more than 5 million IBAN bank account details.

According to the hacker known as SaxX, the alleged breach and data leak occurred on October 17, 2024. The leaked data includes:

  • Full names
  • Home addresses
  • Phone numbers
  • Dates of birth
  • Email addresses

No price is listed for the databases in the advertisement; instead, the seller invites potential buyers to negotiate terms via an escrow system to ensure secure data transfer. To prove authenticity, a sample of the database and screenshots with data examples have been provided.

It is noted that the hacker’s profile was created just a day before the listing, a common practice among cybercriminals who often open accounts shortly before posting about breaches or leaks. There is also a possibility that the post was generated using artificial intelligence, a method that is becoming increasingly popular in the cybercrime community.

Free Mobile’s Response and Official Statement

Free Mobile officially confirmed the attack on October 26 but declined to comment on the scale of the leak. In a statement relayed through AFP, the company emphasized that the cyberattack did not affect passwords, credit card data, or the content of communications such as emails, SMS, and voicemails. The operator also stated that the incident did not impact the operation of its services.

The company assured that affected users would receive appropriate notifications by email. Free Mobile added that immediate measures were taken to stop the attack and strengthen system security. The operator has also filed a report with the prosecutor’s office and informed cybersecurity and data protection regulators.

Recommended Actions for Users

In his post, SaxX advised Free and other telecom users to take steps to protect their data and prevent possible consequences of the leak. Recommended actions include:

  • Changing passwords on all services linked to operator accounts
  • Using password managers for secure credential storage
  • Enabling multi-factor authentication (MFA/2FA) to protect accounts
  • Regularly updating operating systems and apps on computers and smartphones
  • Being cautious when clicking links in SMS and emails
  • Avoiding the installation of pirated software, which may contain malware capable of stealing user data

Subscribers are also urged to remain vigilant and inform their relatives and close contacts about the risks associated with the potential data leak.

Leave a Reply