The personal data of 14 million Free customers is for sale on the dark web. A hacker managed to penetrate a database of the mobile operator, retrieve the information and put it up for sale on a clandestine forum, reports the media specialized in cybercrime Zataz.
The database would contain sensitive data such as the names, e-mail addresses, telephone numbers and postal addresses of the targeted customers. The hacker behind the theft sells only one copy of this file to keep a copy as well. He said on the forum that he would only sell the data to one person for several hundred dollars.
The hacker also demands payment in Monero. It is a cryptocurrency that allows anonymous transactions that do not publicly reveal the identity of the seller or buyer and the amount. For comparison, all transactions made in Bitcoin are public.
To prove his seriousness, the hacker also published some of the stolen data. This extract only includes information from customers residing in two arrondissements of Paris. Contacted by Zataz, some people concerned explained that they had moved or were no longer customers of Free... for years now.
The data could therefore be old. Nevertheless, this theft poses a significant risk to customers. In the hands of a scammer, they can help design a phishing campaign to steal money. The more personal information criminals have about their victims, the more convincing they are in their approaches.
Worse: this data can be used in brute force attacks, says 01net. To do this, the cybercriminal only needs an email address and a few hours or even minutes. This type of attack consists of designing an algorithm that will crack the password of an email account alone.
- Personal data