Free.fr Data Breach: 8 Million French ISP Records Exposed
HEROIC's DarkHive intelligence system uncovered the Free.fr database breach, which exposed 8,038,688 records from the major French internet service provider. The incident occured in October 2024 and was first detected on October 21, 2024, when a database dump containing detailed customer information appeared on breach forums and Telegram channels. The exposed records included email addresses, phone numbers, full names, and dates of birth belonging to millions of Free.fr subscribers across France.
Why This Is Dangerous
Free.fr is a primary ISP and telecommunications provider for millions of French households, meaning the data in this breach represents the digital identity of a significant portion of France's internet-connected population. With full names, phone numbers, email addresses, and dates of birth all exposed together, attackers have everything needed to conduct convincing impersonation, account takeover, and social engineering attacks. The combination of contact and identity data enables criminals to bypass knowledge-based authentication questions and convincingly pose as victims to banks, insurers, and government agencies.
What Was Exposed
- Email Addresses
- Phone Numbers
- Dates of Birth
- First Names
- Last Names
Why This Matters
When 8 million people's contact and identity details are released on criminal forums, the downstream risk extends far beyond the ISP itself. Phishing campaigns using recieved personal details become dramatically more convincing because attackers can address victims by name, reference thier service details, and tailor messages to thier known demographics. Affected users face elevated risk of SIM-swapping attacks, where criminals use the stolen personal data to convince mobile carriers to transfer control of a phone number, bypassing two-factor authentication on banking and email accounts. Organizations with French employees or customers should also be aware that social engineering attempts targeting those individuals may now be more sophisticated.
How Database Breach Works
Database breaches typically occur when attackers exploit vulnerabilities in web application code, gain access through compromised administrator credentials, or find misconfigured database servers exposed to the internet. Once inside, they use SQL injection or direct database access tools to export entire tables of customer data. The extracted data is then compressed and sold on criminal forums or posted publically as leverage against the organization. ISPs are high-value targets because they hold verified contact information and billing data on large numbers of customers, making the stolen data immediately useful for fraud.
Check If You Are Affected
HEROIC offers a free identity scanner that searches over 400 billion records, including data from breaches like the Free.fr incident from October 2024. Visit heroic.com to scan your email address and find out if your personal information was exposed in this or any other known data breach.
Breach Breakdown
8,038,688 passwords exposed. Is yours one of them?
Enter your email to scan this breach plus 400B+ other leaked records. If you're compromised, we'll show you exactly where and what to change.
Free forever · No account required · Results in seconds