Hackers Claim to Sell Data Breach at French Internet Service Provider ‘Free’

• The Free ISP reported unauthorized access to its systems after a hacker announced the sale of the data breach.
• While other details are yet unknown, attackers accessed some personal subscriber information.
• The data on sale reportedly impacts over 19 million customer account information, including IBAN details, names, phone numbers, and more.

Free, France’s second-largest internet service provider (ISP), confirmed a breach of its systems, resulting in unauthorized access to subscriber data. The Paris-based company, which serves over 22.9 million mobile and fixed-line subscribers, reported the incident following the attempted sale of claimed customer data on a dark web cybercrime forum.

The breach targeted a management tool within Free's systems, allowing attackers access to some personal subscriber information. 

The hacker, nicknamed "drussellx," sells two databases stolen from Free they claim to have exfiltrated on October 17, reportedly containing over 19 million customer account details and over 5 million IBAN details, including names, telephone numbers, email and postal addresses, and dates of birth.

Yet, the ISP said passwords, bank card information, or the contents of communications (emails, SMS, or voicemails) were not affected.

Crucially, the company has stated that sensitive financial data, including bank details and passwords, were not compromised. While the exact date and scope of the breach remain unspecified, Free assured that there was no operational impact on its services.

In response, Free promptly filed a criminal complaint with the public prosecutor and informed both the National Commission for Information Technology and Civil Liberties (CNIL) and the National Agency for the Security of Information Systems (ANSSI) in compliance with French law. 

The company has reinforced its cybersecurity measures to prevent further unauthorized access and is in the process of notifying affected subscribers via email.

This incident underscores ongoing cybersecurity challenges within France's telecom sector following a similar breach at SFR in September. These events highlight vulnerabilities in customer management systems and have prompted calls for stricter industry-wide standards and enhanced cybersecurity protocols.

Affected subscribers are advised to remain vigilant for any suspicious account activities and adhere to guidance provided in Free’s notification email.

The recurring breaches have intensified pressure on French ISPs to fortify their defenses against increasingly sophisticated cyber threats, with government bodies encouraging continual upgrades to security infrastructures.