A threat actor claims to have leaked the database of SFR, a leading French telecommunications company. SFR, the second oldest mobile network operator and the second largest telecommunications company in France, has allegedly had 1,445,684 records compromised. These records include first names, last names, phone numbers, addresses, latitude, longitude, subscription statuses, and redlist information.
According to the threat actor, xzin0vich, the breach details are as follows:
The SFR data was scraped in early June by exinax with access provided by the French threat actor “Zalko.” Both exinax and Zalko are associated with the former Epsilon group. The Epsilon group has been linked to several significant leaks, including those involving Shadow and LDLC, which were entirely attributable to ChatNoir and Casquette, two French threat actors arrested by the French gendarmerie.
The Epsilon group previously exposed LDLC by sharing a screenshot of the company’s employee Discord channel on Twitter (now X), highlighting the company’s disregard for customer data. The screenshot featured Zalko in a voice call with ChatNoir and Kazuya, another threat actor.
The leaked SFR data is being sold on BreachForums, despite being previously leaked in these communities. The current sale aims to generate profit, claim the leak, and gain attention. Notably, KevAdams and “xyz_ssh” are not responsible for the SFR breach.