Free Mobile Hit By Major Cyberattack Exposing Personal Data of 20 Million Customers

Free Mobile clients have been advised to stay vigilant against potential scams following a major cyberattack in October that exposed users’ personal data. While the telecom company confirmed the breach, it assured that no passwords or banking details were compromised.

The breach was disclosed on October 22 on X by “friendly hacker” SaxX, who claimed that a cybercriminal was selling two databases on the dark web. One database reportedly includes the personal information of 20 million Free customers, while the other contains five million IBAN records. According to SaxX, the compromised data includes customers’ names, phone numbers, postal addresses, birthdates, and email addresses.

Free Mobile recommended that affected clients change their passwords and be on alert for possible phishing attempts. On October 26, the company publicly acknowledged the cyberattack but did not confirm its full extent. In a statement to Agence France-Presse, Free assured that “no passwords, bank cards, or communication content” were affected. The company added that its operations and services were not impacted.

Free Mobile stated that affected subscribers would be notified via email and emphasized that “all necessary measures were immediately implemented to stop the attack and strengthen the security of our information systems.” The company also reported the breach to the Public Prosecutor and alerted the French data protection agencies.