Our colleagues at Zataz report the presence of a massive data leak of French mobile customers on the dark web. More than 16 million subscribers are said to be affected, including particularly sensitive data.
Email addresses, phone numbers, names, first names, but also IBAN numbers, bank cards... a massive leak containing the personal data of 16.397 million subscribers to the four French mobile operators has just been spotted on the dark web by our colleagues at Zataz. A hacker, possibly French, is believed to be behind this leak, which appeared on a forum on the hidden part of the web.
The data, some of which was allegedly stolen earlier this year, can really harm the victims. According to our colleagues, these victims are mainly based in Paris and Marseille, but also in Lyon, Toulouse, Bordeaux, Dijon, Nantes, Montpellier and Reims. The main risk is the direct exploitation of IBANs and card numbers to steal sums of money.
The latest data leak spotted on the web may expose you to threats
But the people on the list also risk that this cohort of data about them will be exploited to carry out identity theft. The files found by our colleagues have been forwarded to the authorities, particularly CERT for records related to banking data. This should lead to direct contact with the most exposed individuals.
Millions of records could, however, slip under the radar – which encourages all Internet users based in France to check for their own information in this data theft. Several options are available to our readers. The first, often the simplest for those who already have an antivirus suite on their machine such as Bitdefender or Avast, is to use the detection tool generally included in their suite's password manager.
Another option is to consult HaveIBeenPwned.com, a secure site managed by security researchers. Simply enter your email address(es) into the site's search engine. If the address is present in a leak, it should appear in the results. The next step is then quite simple, although daunting. You must immediately change all passwords associated with compromised accounts.
All while respecting the current recommendations, in particular choosing complex and unique passwords for each account. A task that can be greatly simplified by using a password manager.
0 Comments