Last September, Boulanger was the victim of a cyberattack. A cybercriminal managed to steal more than 27 million personal data belonging to the brand's customers. The hacker put the information up for sale on BreachForums, the forum that allows cybercriminals to trade directories of compromised data. The price set was 2,000 euros.
A hacker distributes the data for free
Since the incident, the price of the database has dropped considerably, says researcher Clément Domingo. A few weeks ago, the directory was worth only 300 euros. Finally, the database was put online for free by another cybercriminal.
All BreachForums users can now view the personal data of Boulanger customers, by paying eight cryptocurrency credits, or approximately two dollars. For a low cost, a budding hacker can get their hands on the information of millions of French people in order to orchestrate convincing and effective cyberattacks.
New wave of scams in sight
The directory includes the name, first name, telephone number, full postal address, geographic coordinates (latitude and longitude), and even the email address of customers. This is more than enough to carry out calibrated phishing attacks or identity theft attempts. A "new episode of potential scams" is beginning in France. They will affect "millions of French people in the coming days and weeks".
This database was disclosed as the number of security incidents continues to explode in France. During the first quarter of 2025, brands like ShowroomPrivé, Kiabi, and Thermomix fell victim to hackers. These repeated attacks pose serious threats to the French population.
0 Comments