After the CAF, EDF’s turn to confirm the hacking of some customer accounts


[Info Numerama] The electricity supplier EDF confirms around twenty illicit connections in customer areas (entreprises-collectivités.edf.fr). The hackers behind these hacks first seek to promote their group.

After the CAF, the hackers continue their promotional campaign. EDF informed us in an email on February 19 of the hacking “ around twenty illicit connections on spaces dedicated to its professional and community customers (entreprises-collectivités.edf.fr) “.

The group’s communication specifies that: “ EDF teams are mobilized to carry out the necessary analyzes to qualify the extent of the compromise and return to a normal situation “. The group as such has not suffered from cyberattacks.

Customers may have noticed some disruptions on the site. “ As a precautionary measure, the website has been put under maintenance and is therefore temporarily inaccessible » specifies EDF. The persons concerned should be contacted in accordance with the rules of the CNIL. They are invited to change their password.

Personal data stolen upstream by hackers

These hacks follow another series of infiltrations into personal accounts. The CAF confirmed to us on February 13 that four family allowance recipients suffered a data breach. A group of hacktivists, militant hackers, called LulzSec had claimed responsibility for these attacks. The same collective of hackers would be behind the hacking of EDF accounts.

This content is blocked because you have not accepted cookies and other trackers. This content is provided by Twitter.
To be able to view it, you must accept the use carried out by Twitter with your data which may be used for the following purposes: allowing you to view and share content with social media, promoting the development and improvement of products from Humanoid and its partners, display personalized advertisements to you in relation to your profile and activity, define a personalized advertising profile, measure the performance of advertisements and content on this site and measure the audience of this site (find out more more)

Manage my choices

The figure of 500,000 accounts is probably wrong.

LulzSec was a historic hacktivist group like Anonymous. These hacktivists – militant hackers – were active in the cyber environment in the 2010s before reducing their attacks.

This is undoubtedly a new young generation that relies on an already famous name to gain media coverage. This group would have linked up with Lapsus$, another popular collective, although we cannot yet confirm that it is them.

Questioned by Numerama, Baptiste Robert, cybersecurity expert and ethical hacker at the head of Predicta Lab, tells us that “ in the last two hack claims from CAF and EDF, we see that the group in question has in reality only collected existing access and has not hacked the organizations. This group will probably look for usernames and passwords in data leaks, take screenshots and boast of having hacked thousands of accounts “.

Online email lists are just a simple address alignment // Source: Numerama
Online identifier lists are very common // Source: Numerama

Be vigilant about your data

However, we advise you – as always – to remain vigilant. Activate double authentication when possible and if you receive suspicious emails, it may be a phishing campaign. Go directly to the EDF website rather than clicking on a malicious link. You can always check if your data has been leaked from these sites.

Do you want to know everything about the mobility of tomorrow, from electric cars to e-bikes? Subscribe now to our Watt Else newsletter!



Source link -100