French ISP Free confirms data breach after hacker puts customer data up for auction

One of the largest internet providers in France, Free S.A.S, has confirmed that it recently suffered a cybersecurity breach after a hacker attempted to sell what purported to be stolen data from the organisation on the dark web.

Free told Le Monde that personal data related to some customers had indeed compromised after an attacker targeted a management tool.

However, according to the firm, no passwords, bank card information, or the contents of communications (emails, SMS, or voicemails) were compromised by the attack.

Furthermore, Free says that its services have not been impacted by the incident.

Nonetheless, the hacker (who calls themselves "drussellx") posted a message on a dark web cybercrime forum offering up for auction two databases stolen from Free - containing details of over 19 million customer accounts, and over five million IBAN details.

Free has been keen to downplay the significance of the leak of the IBAN details, saying that it is "not enough to make a direct debit from a bank."

According to the hacker, the data being offered for sale was exfiltrated on 17 October 2024, and contains the names, telephone numbers, email and postal addresses, and dates of birth of Free customers.

Free, which claims to have over 22 million subscribers, has not confirmed how many customers have been impacted by the data breach.

Concerned Free users would be wise to take steps to better defend themselves from exploitation. These include:

• Strengthening their password security by ensuing that they only use strong, unique passwords.
• Enabling multi-factor authentication wherever available to make it more difficult for malicious hackers to break into accounts.
• Install the latest security updates.
• Be wary of clicking on unsolicited links sent via SMS or email, as they could lead to a phishing attack or malicious download.
• Remain vigilant of messages and phone calls which purport to come from the hacked company, as it could be fraudsters using stolen account information to pose as the company.
• Advise friends and families to take similar steps to harden their security.

Free says that it has contacted the authorities and regulators about the security breach, and that it will be informing affected customers via email in the coming days.