Telecom operator SFR has suffered a data breach involving its customers, including IBANs, the group confirmed to Agence France-Presse (AFP) on Friday, September 20, following the publication of letters to its subscribers.
“On September 3, SFR detected a security incident affecting one of its customers’ order management tools”the operator announced in a standard letter consulted by AFP and sent to interested customers.
According to the letters, the data made available covers the “surname, first name, contact details provided at the time of ordering (telephone number, email and postal address, delivery address if applicable), contractual data (subscribed offer, order content), as well as the identification number of the terminal and SIM card (for orders of mobile terminals ».
For some customers, the proportion of which SFR did not disclose, this data breach also affected IBANs.
When questioned, the group did not specify the total number of customers affected by this breach, but confirmed that it had affected both traditional subscribers and subscribers to its “Red by SFR” offer. SFR announced that it had filed a complaint with the public prosecutor and had notified the National Commission for Information Technology and Civil Liberties (CNIL) about this data breach, a mandatory measure since 2018.