Réglo Mobile, the low-cost operator of E.Leclerc, was the victim of a cyberattack on February 13, 2026. The intrusion via a vulnerable subcontractor was spotted on February 18, before being immediately contained and repaired. A common modus operandi among cybercriminals, who target weak links in the digital supply chainwhere defenses are often less robust than at the main company.
How many people are affected?
The stolen data affects approximately 358,000 customers for personal information, with more limited volumes for sensitive elements. According to official information communicated by the operator, there are 123,000 PUK codes and 124,000 IBANs or partially hidden card numbers. Name, first name, address, email, telephone number, date of birth, communications records and SIM identification codes are also among the compromised information. Fortunately, customer area passwords have not been affectedwhich limits the immediate risks of direct access to accounts.
Réglo Mobile complied with its legal obligations by alerting the CNIL and filing a complaint with the judicial authorities. An official press release and SMS messages were sent to the subscribers concerned.
Concrete risks and protection for subscribers
If no truly sensitive data has been stolen, the spoils of the attack at Réglo Mobile open the door to targeted phishing (emails, SMS, fraudulent calls) and SIM swapping, where the PUK code allows a SIM card to be hijacked to intercept bank validation codes. Even hidden, stolen IBANs and card numbers will undoubtedly be used to set up credible scams, by letting victims’ guard down.
If you are concerned, check your bank accounts and activate transaction notifications to avoid unpleasant surprises. Never interact with suspicious solicitations, and keep in mind that Réglo Mobile – no more than any other operator – will ask you never your codes or banking information by email or SMS.
The black series continues
The Réglo Mobile affair is part of a series of attacks that has shaken French operators for several years now. Free saw 19.2 million customers impacted in October 2024, with a record fine of 42 million euros imposed by the CNIL for basic security flaws. SFR suffered a leak of 3.6 million data in September 2024, Bouygues Telecom 6.4 million in August 2025, and Orange suffered serious disruptions in July 2025.
The common point between all of these incidents is that the fault systematically comes from a third-party service provider. Operators manage massive databases of sensitive data, and call on employees to support them in their activities. Inevitably, when you multiply the entry points into a database, you also multiply the potential flaws.
🟣 To not miss any news on the WorldOfSoftware, follow us on Google and on our WhatsApp channel. And if you love us, .
