Bouygues Telecom, a major French telecommunications provider, has announced a significant cyberattack compromising sensitive personal data belonging to 6.4 million customers.
This incident ranks among the largest telecom data breaches reported in France in recent years. The company confirmed detecting the breach on August 4th but did not specify the duration of the attackers’ access or the exact containment timeline.
According to Bouygues Telecom’s notification for affected users, the exposed data includes customer contact information, contractual details, civil status information, and for business accounts, company data. Critically, international bank account numbers (IBANs) were also accessed. The breach impacts a substantial portion of the carrier’s approximately 26.9 million mobile subscribers. The company has formally reported the incident to France’s data protection authority, CNIL, complying with national and European regulations.
A notable aspect of the company’s response involves the accessibility of breach information. The dedicated webpage informing customers about the attack contained a hidden “noindex” tag in its source code. This technical directive prevents search engines like Google from listing the page in search results, making it difficult for the public to find without a direct link provided by Bouygues. Company spokespersons did not immediately respond to requests for clarification regarding this indexing choice or for further details on the attack’s specifics.
This security lapse at Bouygues Telecom follows closely on the heels of cybersecurity issues at Orange, France’s largest telecom operator. Orange alerted customers on July 29th to potential service disruptions stemming from a separate cyberattack, stating it had isolated affected systems as a precaution. The incidents highlight ongoing security challenges within the French telecommunications sector.
0 Comments