Update of April 23, 2025 at 5:35 p.m.:
Shortly after the publication of this article, Easy Cash provided some clarification to 01net. The company explains that "this incident is the subject of an in-depth investigation with the OrangeCyberDefense firm, and statements have been carried out with the competent regulatory authorities and data protection authorities in France.
Furthermore, fewer than 100,000 people were affected. This incident "could have allowed the recovery of personal data of 92,000 customers and that of store employees", assures the brand, specifying that the elements put forward by researcher Clément Domingo cannot be corroborated. At this stage, "no concrete evidence can confirm his statements.". The company "is working closely with its experts to analyze whether new elements have emerged.".
Original article
Easy Cash announces that it has been the victim of a cyberattack. The French company, which specializes in the purchase and sale of used and refurbished products, is currently notifying its customers by email of a "localized cybersecurity incident" on a store computer." The intrusion was detected on April 16, 2025.
Data was "potentially" accessed by the attackers, namely the "first name, last name, date of birth" of some of the customers. However, "no banking data, no password, nor any means of accessing your Easy Cash account is not affected.".
How many French people are affected by the Easy Cash hack?
Furthermore, the firm emphasizes that no "fraudulent use of this data has been observed.". Easy Cash does not disclose the number of people who are potentially affected by the data leak. As researcher Clément Domingo reveals, the leak may have affected 13.6 million users.
While investigating criminal networks, the expert discovered a database belonging to Easy Cash, which was being sold to the highest bidder. The directory, which lists the information of millions of people, was "detected since the end of December 2024". At this time, there is no evidence that the stolen data is linked to the directory that is being sold on black markets for up to €4,000.
In any case, all Easy Cash customers are advised to exercise the utmost caution. The cyberattack could lead to a wave of scams and phishing attempts. Easy Cash encourages its customers to be "vigilant towards any suspicious or unusual messages, especially those asking for personal information":
Furthermore, the company asks those affected to change their account password. The company has "filed a complaint and the incident has also been notified to the competent authorities", namely the National Commission for Information Technology and Civil Liberties (CNIL). Data leaks are accelerating in France. Before Easy Cash, the companies Indigo and Alain Afflelou were also targeted by computer intrusions.
0 Comments