The bad streak continues in France and it is SFR’s turn to be the victim of a cyberattack. After Cultura and Boulanger, the operator confirms that it has “detected a security incident involving a customer order management tool”. An incident with serious consequences since it resulted in “unauthorized access” to some of its customers’ personal data. The company confirmed the cyberattack in an email sent to several RED customers.
SFR tries to reassure its customers, without much success
The operator wants to be reassuring about the nature of the personal data, but the list is impressive. Thus, the first and last name, contact details such as the telephone number, email and postal address and contractual information (subscribed offer, content of the order) have been leaked. We even find the customers’ IBANs and the identifier number of the device and the SIM card in this long list.
Twitter-tweet” data-media-max-width=”560″>
Bonjour @SFR,
What measures have you put in place?
“Exclusively the following data” has ALL my personal data in it! Your communication is incomplete. #DataProtection #gdpr @CNIL pic.twitter.com/ESyj8p421Q— rBarrat (@Davtux) September 19, 2024
SFR ends by explaining that“no other type of data is affected”. Password, call details or SMS content are not affected by this leak. On X, many customers are annoyed by this situation: “Phew, nothing to worry about, no password or conversations, just the IBAN, a detail anyway…”They also question the deadline chosen by SFR, which only communicated on the subject around September 19, while the problem dates back to September 3. However, the operator specifies in its message that the incident was notified to the CNIL and is the subject of a complaint filed with the Public Prosecutor.
The company did not specify the number of customers affected by the cyberattack to AFP. It did specify that SFR subscribers and those to its “Red by SFR” offer were, however, affected.
SFR warns against phishing
This case comes at a time when the operator with the red square is already facing a massive loss of its mobile subscribers. For the time being, SFR has announced the availability of a toll-free number 0805 80 49 49 to help customers who may be facing phishing attempts (email phishing), smishing (SMS phishing) or attempts to fraudulently access personal information.
Earlier this month, ethical hacker SaxX revealed the leak of 50,000 SFR customer files.
🚨🔴CYBERALERT: 🇫🇷FRANCE🔴 | SFR, 50,000 customer files back in the wild… distributed by French “cybercriminals”
Among the many alerts from my various probes on this return from vacation at full speed, there remains the one on SFR!
Indeed, a… pic.twitter.com/EHOQOR66TG
— SaxX. (@_SaxX_) September 4, 2024
Also read: Hacking of Cultura and Boulanger: what to do if you are affected?
🟣 To not miss any news on the WorldOfSoftware, , .