SFR, a prominent French telecommunications company, has recently been targeted in a cyberattack allegedly orchestrated by a hacker known as “KevAdams.” This breach, which occurred on July 12, 2024, has reportedly affected over 1.4 million landline users of the company.
SFR, established in 1987 and headquartered in Paris, is the third-largest telecommunications provider in France. With a workforce of over 5,000 employees, the company has been a key player in the industry for several years.
The hacker, using the pseudonym “KevAdams,” claimed responsibility for the breach on the dark web marketplace Breachforums. According to the threat actor, the compromised database contains 1,445,683 records, including sensitive Personal Identifiable Information (PII) of customers such as first names, last names, phone numbers, addresses, and geographic coordinates.
To prove the legitimacy of the data breach, the hacker provided sample records with the latest timestamp from July 2024. These samples included various personal details of customers, indicating the severity of the breach.
Furthermore, “KevAdams” offered to sell the entire database for $300, with an exclusivity price of $850 to a single buyer. Payment was requested in cryptocurrency, specifically XMR (Monero) or LTC (Litecoin), with the promise to delete the sales thread once the exclusivity fee was paid.
The potential impact of this breach could be significant, as the leaked personal information could lead to identity theft, financial fraud, and a loss of trust among customers. SFR must take immediate steps to secure the privacy and security of the affected individuals to prevent further harm.
As the details of the breach, including the motive behind the cyberattack, remain undisclosed, it is essential for SFR to investigate the incident thoroughly and provide transparency to its customers and stakeholders. The credibility of the hacker’s claims needs to be verified to determine the extent of the data compromise.
In response to this cyber incident, customers are advised to enhance their online security by changing passwords, being vigilant against phishing attempts, and monitoring their accounts for any suspicious activity. By taking proactive measures, individuals can protect themselves from potential fraud and unauthorized access.
This breach serves as a stark reminder of the ongoing threat posed by cybercriminals targeting companies’ digital infrastructure. As organizations increasingly rely on technology, safeguarding against cyber threats is crucial to preserving sensitive data and maintaining trust with customers.
The Cyber Express will continue to monitor this situation closely and provide updates as more information becomes available. It is important for individuals to exercise caution and remain informed about cybersecurity best practices in an evolving digital landscape.