Last September, Boulanger suffered a cyberattack. A hacker stole the personal data of more than 27 million customers. This information was put up for sale on BreachForums, a site used by cybercriminals to exchange compromised data for cryptocurrency. A few weeks ago, the database reappeared. This time, it was freely accessible, for a fee of eight cryptocurrency credits, still on BreachForums.
At the end of last week, the directory was put back online on the criminal forum, reports Zataz. This time, the stolen database is completely free. Anyone can download it, without having to pay any financial compensation. As always on BreachForums, simply commenting or liking the post gives access to the download link for the file, which weighs 16 GB.
Authentic Data
By downloading the directory, Zataz was able to confirm that the file contains "just over a million unique lines" containing the data of many of the brand's customers. This is a far cry from the 27 million records claimed by the hacker who leaked the database. The data leaked included first and last names, postal addresses, email addresses, and phone numbers.
Researchers at SafetyDetectives were also able to "confirm that the data appears legitimate". In addition, the data matches the information stolen during the September 2024 cyberattack.
A goldmine for criminals
All the researchers who have looked into the case agree that all cybercriminals will pounce on the directory. As Zataz points out, the file is "a real goldmine for cybercriminals." They will be able to use the personal information of Boulanger's customers to orchestrate phishing attacks or scams of all kinds.
The dissemination of the database increases the dangers that already loom on all French internet users. Since last year, dozens of companies have been victims of data theft, including Kiabi, Indigo, Boulanger, Cultura, SFR, Truffaut and Free. In fact, the personal information of most French people has ended up in the hands of hackers. This is why we recommend that all internet users be extra careful.
Source: Zataz
0 Comments