Alleged SFR Data Breach: Millions Of Users Potentially Exposed
Hacker known as “KevAdams” is allegedly offering to sell sensitive data of over 1.4 million customers for as high as $850.
Krishna Murthy July 15, 2024
Share on LinkedInShare on Twitter
Societe Francaise Du Radiotelephone, popularly known as SFR, a prominent telecommunications company based in France, has fallen victim to an alleged cyberattack. The SFR data breach, which was allegedly orchestrated on July 12, 2024, has been attributed to a hacker known as “KevAdams,” who claims to have infiltrated and compromised over 1.4 million landline users’ data of the company.
SFR is France’s third-largest telecom provider.
Decoding SFR Data Breach Claims
According to the company’s profile, SFR was founded in 1987 and its head office is located in Paris. In 2021, it was categorized as a large company which has over 5,000 employees.
In his post on dark web marketplace Breachforums, threat actor “KevAdams” claimed that the exfiltrated database contained 1,445,683 million records that allegedly compromised sensitive Personal Identifiable Information (PII) of customers.
To substantiate the data breach claim, the threat actor attached sample records, with the latest timestamp of July 2024 which included the “first name, last name, phone number, address, latitude, longitude, subscribed, and redlist [sic]” data of customers.
The TA offered to sell the entire database for $300. The hacker also claimed to sell the data exclusively to a buyer for $850. He asked for payment to be made in XMR (Monero) cryptocurrency or LTC (Litecoin). The actor also noted that he would delete the sale thread after the exclusivity price was paid.
Potential Impact of SFR Data Breach
If proven, the potential consequences of this cyberattack could be critical as the personal details of customers could be leaked. SFR should take appropriate measures to protect the privacy and security of the stakeholders involved. Data breaches of this kind can lead to identity theft, financial fraud, and a loss of trust among clients, potentially jeopardizing the company’s standing in the industry.
Currently, details regarding the extent of the data breach, the amount of data compromised, and the motive behind the cyber assault remain undisclosed.
Despite the claims made by the threat actor, the official website of the targeted company remains fully functional. This discrepancy has raised doubts about the authenticity of the cyber criminal’s assertion. To ascertain the veracity of the claims, The Cyber Express has reached out to the officials of SFR Telecom. As of the writing of this news report, no response has been received, leaving the data breach claim unverified.
Meanwhile, customers can take preventive steps like changing passwords and login credentials of accounts linked to Corse GSM. They should also be wary and not fall victim to phishing attempts. Fraudsters could use the leaked email addresses to send fraudulent links. They should also monitor their bank accounts linked to the subscription of Corse GSM mobile plans. They should also relay information about any suspicious activity to law enforcement authorities.
The cyberattack on Societe Francaise Du Radiotelephone underscores the persistent threat posed by malicious actors seeking to exploit vulnerabilities in digital infrastructure.
As organizations continue to rely heavily on technology to conduct their operations, safeguarding against cyber threats remains paramount to protect sensitive data and maintain the trust of customers and stakeholders alike.
This is an ongoing story and The Cyber Express will be closely monitoring the situation. We’ll update this post once we have more information on the alleged SFR Telecom data breach or any official confirmation from the organization.
