A threat actor has surfaced on Breachforums, claiming to possess and sell a database from SFR (Société Française du Radiotéléphone), the third-largest telecom company in France.
Breach Details:
- Breach Date: June 7, 2024
- Compromised Users: 1,445,683
- Compromised Data:
- Names
- Landline Phone Numbers
- Geographic Locations (including latitude and longitude)
- Subscription status
- Redlist status
The threat actor has specified that the database includes detailed user information, allowing potential buyers to access a comprehensive dataset of SFR customers.
The threat actor has provided the following selectors as part of the dataset:
- First Name
- Last Name
- Phone Number
- Address
- Latitude
- Longitude
- Subscription Status
- Redlist Status
Sales Information:
- Price: Offer price available via private message
- One-Hand Price: 2.5 times the offer price
- Payment Methods: Accepting XMR (Monero) and LTC (Litecoin)
The threat actor is offering the database for sale, with prices available upon request via private message on Breachforums. They are accepting XMR and LTC for payment. The actor also notes that they will delete the sale thread after the exclusivity price is paid.