SFR has been hacked again, with unauthorized access to the personal data of many of its customers. The stolen information includes their IBANs and SIM card numbers.
Like all Internet operators, SFR is an attractive target for cybercriminals because of the colossal amount of personal information the ISP holds on its many subscribers. So, when it comes to hacking, panic quickly sets in! Recently, SFR subscribers have regularly suffered the consequences. Last July, a hacker put data on 1.4 million customers up for sale on a famous hacking forum. Then, at the end of August, 50,000 new customer files were once again in the wild, following a “security incident” on a tool used by one of the operator’s partners. But, as they say, never two without three! In an email sent to some of its RED customers on September 19, SFR announced that it had been the victim of a “security incident involving a customer order management tool”, as reported by BFMTV.
SFR hack: sensitive data stolen
The operator is referring here to an incident that occurred on September 3, when hackers managed to access several tens of thousands of the operator’s customer files. The first and last names of customers, contact details provided when ordering (telephone number, email and postal address, as well as the delivery address if applicable), contractual information related to the offer subscribed to and the content of the order, SIM card numbers, smartphone identification numbers and IBANs were stolen. This information is therefore particularly sensitive. However, passwords, call details and the content of SMS messages are not affected. SFR says that it has taken all measures to “definitively close the incident encountered”.
The incident was resolved within hours of its detection, and corrective actions were deployed to strengthen the security of the affected systems. Authentication procedures, particularly with regard to the modification of customer contact details, were also strengthened. A complaint was filed with the public prosecutor and a report to the CNIL was made, as is customary. The operator has also set up a toll-free number to support customers affected by the hack: 08 05 80 49 49.
SFR hacking: what are the risks for customers?
Phishing campaigns are to be expected in the coming weeks. When scammers get their hands on databases, they use the personal information to tailor their traps and make their messages more credible, including by pretending to be your operator, in this case SFR.
The theft of IBANs can have serious consequences, especially when they are combined with other contact details. It can allow cybercriminals to impersonate victims and create false direct debit authorizations, for example for subscriptions that will be debited directly from the victims’ bank accounts.
SFR also reminds customers that none of its advisors are authorized to ask for identifiers or passwords during a telephone conversation. In addition, a new scam is currently targeting the operator’s subscribers: fake advisors call customers under the pretext of a network problem to encourage them to call premium rate numbers (see our article).
In short, if you are a subscriber of the operator, be extra vigilant in the coming weeks and as always, do not respond hastily to emails, text messages, calls, and even registered letters whose sender you do not know or which seem suspicious to you. Take the time to check the identity of the person you are talking to before doing anything!