Free Mobile Data Breach Exposes 19 Million Users’ Personal Information
Two databases belonging to the French telecommunications operator Free have been listed for sale on the dark web. The information allegedly pertains to clients of Free Mobile and subscribers to the Freebox internet platform. Combined, the two databases contain the personal data of over 19 million individuals, along with more than 5 million IBAN banking details.
According to a hacker known as SaxX, the breach and subsequent data leak purportedly occurred on October 17, 2024. The leaked information includes:
- Full names;
- Residential addresses;
- Phone numbers;
- Dates of birth;
- Email addresses.
The listing does not specify a price for the databases; instead, the seller invites potential buyers to discuss terms through an escrow system, which guarantees secure data transfer. A sample of the database and screenshots of data examples have been provided to verify its authenticity.
It is noted that the profile of the attacker who posted the listing was created shortly beforehand, a common tactic among cybercriminals who often open accounts just before announcing hacks or leaks. There is also speculation that the post may have been generated using artificial intelligence, an increasingly popular method in the cybercriminal community.
Free Mobile officially confirmed the attack on October 26 but declined to comment on the scale of the breach. In a statement shared via AFP, the company emphasized that the cyberattack did not compromise passwords, bank card data, or the contents of communications—emails, SMS, and voice messages. The operator also stated that the incident had no impact on service operation.
The company assured that affected users would receive email notifications. Free Mobile added that after discovering the attack, immediate steps were taken to halt it and strengthen system defenses. The operator also filed a report with the public prosecutor and notified cybersecurity and data protection regulators.
In their post, SaxX advised users of Free and other telecom operators to take precautions to protect their data and mitigate potential consequences of the leak. Recommended actions include:
- Changing passwords on all services associated with the operator’s accounts;
- Using password managers for secure credential storage;
- Enabling multi-factor authentication (MFA/2FA) to safeguard accounts;
- Regularly updating operating systems and applications on computers and smartphones;
- Exercising caution when clicking links in SMS and emails;
- Avoiding the installation of pirated software, which may contain malware capable of stealing user data.
Subscribers are also urged to remain vigilant and to inform family and friends about the risks associated with potential data exposure.
