Numerous tweets mentioned it for several days, before Free finally confirmed it on October 26: the operator was the victim of a hack whose extent, however, is unknown. If the company assures that it is not a bank card number or any private exchange, it confirms to Tech&Co that, however, the IBANs of certain clients have been stolen.
The situation is reminiscent of that of SFR, also the victim of a major hack at the end of summer, which also involved an illicit collection of IBANs from certain clients.
The number of victims is still unknown
As a reminder, an IBAN allows you to identify a bank account to make a transfer. But together with other data, or associated with a fake signature, it can also be used to improperly take money from a victim.
Free assures Tech&Co that he cannot communicate the number of victims. But as required by law, they will be notified individually by email. The first warnings were sent in the last few hours, according to screenshots shared by subscribers on X (Twitter).
In addition to the IBAN, Free specifies that the stolen data includes the subscriber’s first and last name, their postal address, their email address, their telephone number, their customer number, as well as details of their subscriptions with Free.
There are many elements that make it possible to develop formidable fraudulent campaigns by email or SMS (phishing) posing as free, to encourage victims of piracy to communicate their bank card number on fake sites, usurping the identity of the operator.
Source: BFM TV
