Vendors’ claims of data leaks should not be taken at face value. Thus, a hacker claimed on a black market to have a Free database, bringing together information relating to 14 million customers, including their postal, telephone and electronic contact details.
This information was ultimately denied by the telephone operator. However, if the extent of the leak is disputed, there is much information about its customers which has just escaped its control.
According to a spokesperson for Xavier Niel’s company, the data leak only concerns “a few subscriber files”, all located in the 18th and 19th arrondissements of Paris. The precise number of subscriber files stolen was not communicated to the press.
Intrusion in August
This theft would follow an intrusion detected in August 2023 by Free’s surveillance systems, following the hacking of an employee’s access by a hacker. The terms of the hack were also not specified.
This mishap forced the company to report the incident to the CNIL, in accordance with its legal obligations. She also filed a complaint in court. Free finally reminded the press of its vigilance in the face of this type of incident.
Phishing attacks
The alleged database of 14 million Free customers had been put up for sale on a specialized forum, one of the black markets for this type of activity. The seller, whose pseudonym is “Depressed”, had shared an initial sample of a thousand recordings.
The Internet user specified that he only wanted to sell a single copy of the database, adding that he preferred payment in Monero, a cryptocurrency supposed to be less traceable. This type of personal data then makes it possible to give credibility to phishing attacks.