Free puts into perspective the extent of a data leak that targeted some of its customers

We should not take the assertions of the sellers of data leaks at face value. Thus, a hacker claimed on a black market to have a database of Free, grouping information relating to 14 million customers, including their postal, telephone and electronic contact details.

This information was finally denied by the telephone operator. However, if the extent of the leak is disputed, there is indeed information about its customers who have just escaped its control.

According to a spokeswoman for Xavier Niel’s company, the data leak only concerns “a few subscriber records”, all located in the 18th and 19th arrondissements of Paris. The precise number of stolen subscriber cards has not been communicated to the press.

August intrusion

This theft would follow an intrusion spotted in August 2023 by Free’s surveillance systems, following the hacking of an employee’s access by a hacker. The modalities of the hacking have also not been specified.

This mishap forced the company to report the incident to the Cnil, in accordance with its legal obligations. She also filed a complaint with the courts. Finally, Free reminded the press of its vigilance in the face of these types of incidents.

Phishing attacks

The alleged database of Free’s 14 million customers had been put up for sale on a specialized forum, one of the black markets for this kind of activity. The seller, whose pseudonym is “Depressed”, had shared a first sample of a thousand recordings.

The user specified that he only wanted to sell one copy of the database, adding that he preferred a payment in Monero, a cryptocurrency supposed to be less traceable. This kind of personal data then makes it possible to give credibility to phishing attacks.