Update of February 4 at 3:30 p.m.
While EDF and Conforama have not announced any data leaks, everything suggests that Varun lied in his communications on BreachForums. The idea of a communication operation based on credential stuffing, or data recycling, is tending to be confirmed.
—————————————————–
Data leaks continue to multiply in France. On the criminal platform BreachForums, a cybercriminal who calls himself Varun has put up for sale several compromised databases belonging to French entities. The directories, identified by researcher Clément Domingo, are offered to the buyer who offers the best price.
15 million French people concerned
Initially, Varun put up for sale the data of Conforama customers, the chain of stores specializing in furniture and home decoration. The ad, consulted by 01Net, indicates that the directory includes the data of 9,300,000 people.
Among the data put up for sale are the name, full postal address with floor number and apartment number, telephone number, email, profile information, order information (products purchased, delivery store, latitude and longitude, etc.), date of birth, preferences, and customer loyalty card. According to Varun, the data extraction took place recently, early last week.
Soon after, the hacker claimed responsibility for an attack on EDF, the French state-owned electricity company.
The intrusion compromised the data of 6,300,000 EDF customers. Here again, sensitive information was compromised, such as name, gender, full postal address, telephone number, email, customer reference, telephone number (mobile and/or landline), file number, creation date, type of work, bonus status, estimated bonus amount, bonus amount awarded, and PDF documents shared with EDF.
Between Conforama and EDF, the data of more than 15 million French people was potentially found on the web, within reach of cybercriminals.
Data soon to be sold?
By his own admission, Varun is also responsible for the cyberattack against E.LECLERC. This data leak has been confirmed by the entity concerned. Everything therefore suggests that the cybercriminal is not lying, especially since he has published several credible samples. At this point, however, we will take the hacker's assertions with a grain of salt.
He also claims a computer attack against the official website of the city of Pont-de-Claix and the theft of data from the wholesale insurance broker Kiassure.
According to information gleaned by Clément Domingo, Varun has received several offers from buyers. It is likely that some directories, including the Conforama database, will be quickly sold to the highest bidder. Unsurprisingly, the hacker demands payment in cryptocurrencies, namely Bitcoin, Monero or Litecoin. To negotiate, he encourages his peers to contact him via Telegram, the preferred messaging service of cybercriminals.
De facto, a new mountain of personal data is likely to flood the web in the near future. This data risks increasing the risks that weigh on the French since the repeated data leaks of last year.
0 Comments