-
France set to pass emergency ‘budget law’: is it good or bad for your finances?
The country will effectively be without a budget from 2025, with knock-on effects for individuals and companies
-
EasyJet announces nine new flight routes from France including to UK
A service from Bordeaux to Birmingham is among the new announcements
-
French weekend weather outlook December 14 - 15: gloomy and chilly in the north
Cloudy skies are expected to dominate in the north, but in the south temperatures will still reach double figures
Data of Free internet and phone clients in France stolen and on sale
Hacker is selling the information of thousands of people online to potential scammers
The personal data of clients of Free, one of France’s largest providers of phone and broadband internet contracts, has been found for sale on an underground online forum.
The firm confirmed the situation yesterday (September 14) after a popular online blog, called Zataz, ran an article about it.
The blog “corresponds to information linked to an incident identified in August by our monitoring systems,” said a Free spokesperson.
However, where the original blog post claimed the data of up 14 million customers was leaked and available for purchase, Free said the true number was much lower.
It said the information up for sale (people’s first and last names, email addresses and telephone numbers) corresponds to certain customers from the 18th and 19th arrondissements of Paris.
Data sold for ‘several hundred euros’
Cybersecurity expert Damien Bancal, who wrote the Zataz blog post, claimed the data was being sold for several hundred euros to those interested.
This is the price for the overall database containing the information.
Whilst his original post claimed the data of up to 14 million clients could be involved, he later said the databases contained the information of between 1,000 and 3,000 clients. This would correspond to the leak being contained within the two Parisian arrondissements.
Mr Bancal, who contacted a number of individuals whose information was contained in the database, said “All of them confirmed to me that they were or are Free customers.”
The leak is therefore thought to also impact former Free clients.
Read more: Watch out for new energy bill scam in France
Hackers sell data online
In its statement, Free said a secure space limited to “employee [only] access… had been compromised by a hacker.”
It has lodged a complaint and an official report with France’s data protection agency Commission nationale de l'informatique et des libertés (Cnil), as well as informing the affected customers.
The hacking and leaking of data sets such as this is a common issue not just in France but across the world – hackers steal information from companies and then sell it on the dark web (parts of the internet that cannot be accessed by search engines) to scammers.
Phishing schemes
Scammers then use the information to set up elaborate phishing schemes, gaining the trust of clients because they already have a lot of personal information on them at hand, and can more effectively pretend to be from a company or bank that person uses.
Recently, a style of ‘two-pronged’ scam has become popular with fraudsters in France.
Firstly, the bank details of an individual are collected, either by setting up a small payment for something (such as a €2 railcard) or through a phishing email.
A few weeks after this, scammers will then call victims pretending to be from their bank – using information taken as part of the first step – urging innocent victims to hand over compromising details to gain unfiltered access to their accounts.
We cover a number of scams of this type in an article you can read here.
Related articles:
I was craftily robbed as arrived at supermarket in France, this is how