A significant data breach has reportedly impacted the French telecommunications giant, Corse GSM, potentially affecting millions of its customers. The breach was disclosed by a threat actor known as “ssh_xyz” on the popular hacking forum BreachForums.
According to the claims made by the hacker, data belonging to 200,000 users of Corse GSM was exfiltrated between May 3 and May 25, 2024. To substantiate these claims, the threat actor provided a sample dataset in JSON format, indicating the nature of the compromised information.
The leaked data reportedly includes user identification, personal details like names and phone numbers, contact information such as email addresses, subscription details, financial information like BIC, IBAN, and KYC data, and information on blacklist status. This breach raises concerns about potential financial fraud, identity theft, and targeted phishing attempts.
The hacker also alleged possessing a broader range of information from the leaked database, including national identity card details and SEPA information critical for financial transactions. The threat actor is attempting to sell this database on the dark web, emphasizing the value it holds for malicious actors.
Despite these alarming claims, Corse GSM has not responded or issued an official statement regarding the alleged data breach. Customers are advised to take precautionary measures such as changing passwords, monitoring their accounts for suspicious activity, and reporting any potential fraud to law enforcement authorities.
This incident underscores the persistent threat of cyberattacks and the importance of robust data security measures, particularly for companies handling sensitive customer information like telecommunications firms. It serves as a reminder for businesses and individuals to prioritize cybersecurity practices to mitigate such risks.
Please note that the information provided in this report is based on research from various sources and should be used for reference purposes only. Users are encouraged to exercise caution and take personal responsibility for their actions. The Cyber Express, the news source for this report, disclaims any liability for the accuracy or consequences of relying on this information.