One of France’s largest telecoms providers has been hit by a cyber-attack which has led to the personal data of 6.4 million customers being compromised.
Bouygues Telecom disclosed the incident on August 6, revealing that a “third party” was able to access certain personal information associated with certain Bouygues Telecom subscriptions.
The attack was detected on August 4, with the firm stating it has blocked malicious access and strengthened monitoring of its systems.
The compromised data includes contact details, contractual data, civil status details and company data for professional customers.
Additionally, customers’ international bank account numbers (IBAN) were accessed by the hackers. This number is the intentional identifier of a bank account with a financial institution and is required to carry out transactions such as a direct debit or transfer.
Credit card numbers and passwords relating to Bouygues Telecom accounts were not included in the breach.
“All the customers concerned have received or will receive an email or SMS to inform them,” Bouygues wrote.
Impacted customers have been told to watch out for fraudulent emails and calls. This includes scammers using the stolen data to impersonate Bouygues or another company to try and obtain additional information such as credit card numbers and username and passwords.
Those whose IBANs were compromised have been advised to check their accounts and to call their bank if they have any doubts.
The Commission Nationale de l'Informatique et des Libertés (CNIL), France’s national data protection agency, has been informed of the incident.
Additionally, Bouygues has filed a complaint with judicial authorities.
“The perpetrator of this type of offence is liable to penalties of up to five years in prison and a fine of 150,000 euros,” the company warned.
Bouygues is the third largest telecoms provider in France, serving 23.4 million customers.
Telecoms Providers Under Attack
The attack on Bouygues comes just a week after Orange, France’s leading telecoms provider, revealed it had been hit by a cyber-attack.
The company’s security teams isolated parts of the systems that were potentially impacted, disrupting services for Orange customers.
However, the company stated that no corporate or customer data has been compromised.
In late 2024, a large-scale cyber espionage campaign by Chinese state-sponsored group Salt Typhoon compromised major telecoms providers in the US, including Verizon, AT&T and Lumen Technologies.
Image credit: sylv1rob1 / Shutterstock.com
No tags.
