A recent cyberattack on the French telecommunications company Free, the second largest Internet service provider (ISP) in the country, has caused a stir in the tech world. The incident, which saw a threat actor steal information from the company’s internal management tool, has highlighted the increasing vulnerability of ISP networks to malicious actors.
According to reports, the hacker, going by the handle “drussellx,” managed to access two databases containing data on more than 19 million customer accounts and over 5 million international bank account details. The stolen information was then put up for auction on the Dark Web, raising concerns about the potential misuse of sensitive data.
Free, with more than 22 million mobile and fixed subscribers, confirmed the breach but assured customers that no passwords, bank-card information, emails, SMSs, or voicemails were compromised. The company also stated that its services were not impacted by the cyberattack.
This incident is not an isolated one, as Internet service provider networks are increasingly becoming targets for cybercriminals looking to exploit valuable data. In the United States, advanced persistent threat (APT) groups like Salt Typhoon and Evasive Panda have been known to target ISPs for various malicious activities.
Salt Typhoon, for instance, targets ISP networks in the US to gather sensitive information such as home addresses, billing information, and SMS data. On the other hand, Evasive Panda (also known as StormBambaoo and DaggerFly) uses ISPs as a launchpad to exploit software vendor update mechanisms through DNS poisoning.
In response to the cyberattack, Free has taken steps to address the breach and protect its customers. The company has announced that it will be contacting impacted customers via email to inform them of the incident. Additionally, Free has filed a criminal complaint and informed relevant authorities in France, including the National Commission for Information Technology and Civil Liberties (CNIL) and the National Agency for the Security of Information Systems (ANSSI).
As the cybersecurity landscape continues to evolve, incidents like the one experienced by Free serve as a reminder of the importance of robust security measures and proactive threat detection. Internet service providers play a crucial role in ensuring the safety and privacy of their customers’ data, and it is essential for companies like Free to remain vigilant in the face of evolving cyber threats. By taking swift action and cooperating with authorities, Free is working to mitigate the impact of the cyberattack and strengthen its defenses against future incidents.