Eurofiber France experienced a data breach, where hackers attempted to sell customer data.
Eurofiber France, part of the Dutch-Belgian Eurofiber Group, has confirmed a data breach after hackers gained access to the internal ticket platform through a vulnerability. Data was stolen, although the company emphasizes that no bank details or other “critical” data were taken.
The attack only affects the French branch of Eurofiber and its cloud division. The broader Eurofiber group, active on a 76,000 km fiber optic network in the Netherlands, Belgium, Germany and France, does not appear to be affected.
No Critical Data Stolen
Eurofiber France shares in a statement that the breach was resolved within hours of discovery. The ticket management system and cloud environment have been placed under high security. Furthermore, additional measures have been taken to prevent further leaks and improve overall security.
No bank details or other critical data were stolen, but Eurofiber does not disclose what data was actually stolen. The company only states that affected customers will be notified.
Hack Claimed
A cybercriminal named ByteToBreach claims on a forum that he has stolen data from 10,000 companies and government agencies, as discovered by BleepingComputer. He says he has screenshots, VPN configurations, passwords, certificates, source code, SQL backups, and email accounts that customers had submitted through the ticket system. The attacker is reportedly demanding a ransom to not publish the data.
Eurofiber France has in turn reported the incident to the French privacy watchdog CNIL and cybersecurity authority ANSSI, and has filed a complaint for extortion.