French ISP Confirms Cyberattack, Data Breach Affecting 19M

Share This Post

Free, a French telecommunications company and the second largest Internet service provider (ISP) in the country, has disclosed a cyberattack that it said it fell a victim to over the weekend. It’s the latest in a line of attacks against ISPs and telcos of late.

A threat actor stole information from the company’s internal management tool, gathering information on the company’s subscribers, and attempted to sell the data on the Dark Web in a cybercrime forum, the ISP confirmed to Agence France-Presse (AFP) on Saturday.

The hacker, known as “drussellx,” posted a message on the forum, putting two databases stolen from the ISP company up for auction. The databases reportedly contained information on more than 19 million customer accounts, and more than 5 million international bank account details.

The bad actors gained “unauthorized access to some of the personal data associated with the accounts of certain subscribers,” according to Free, which has more than 22 million mobile and fixed subscribers. However, it stressed that no passwords, bank-card information, emails, SMS, or voicemails were compromised; and, its services have not been impacted.

Internet service provider networks are increasingly being targeted by bad actors in attacks to steal data and set up base for new tactics and techniques. Take advanced persistent threat (APT) Salt Typhoon for example, which has been targeting these networks in the US likely due to the information they can garner, such as home addresses, billing information, SMS, and more.

Another APT group known as Evasive Panda (aka StormBambaoo and DaggerFly) also targets ISPs, using them as a launchpad to exploit software vendor update mechanisms by using DNS poisoning.

Now, in the wake of its own ISP attack, Free reports that it will soon be informing impacted customers via email regarding the breach. It has also filed a criminal complaint and informed France’s National Commission for Information Technology and Civil Liberties (CNIL) and the National Agency for the Security of Information Systems (ANSSI).

https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/bltceeaf4c2dcfeac67/672118dc1e8517816cfe206d/frenchISP(1800_Timon_Schneider_alamy.jpg?disable=upscale&width=1200&height=630&fit=crop

This post was originally published on this site

More Articles

Article

Navigating SEC Regulations In Cybersecurity And Incident Response

Free video resource for cybersecurity professionals. As 2024 approaches, we all know how vital it is to keep up to date with regulatory changes that affect our work. We get it – it’s a lot to juggle, especially when you’re in the trenches working on an investigation, handling, and responding to incidents.