Bouygues Telecom has disclosed a data breach that exposed sensitive customer information, including IBANs and personal details tied to user subscriptions.
The company has begun notifying affected individuals by email and SMS, warning them to remain vigilant against potential fraud attempts.
The cyberattack was detected on August 4, prompting a rapid internal response to contain the intrusion and investigate its scope. According to Bouygues, the attacker gained access to a limited set of information, including contact details, civil status or business identity (for professional clients), contract data, and bank account identifiers (IBANs). Crucially, passwords and credit card numbers were not compromised.
The breach was identified by the company’s internal technical teams, who acted swiftly to block malicious access and reinforce defensive controls. A formal complaint has been filed with French judicial authorities, and the CNIL, France’s national data protection authority, has also been notified.
Bouygues Telecom is one of the largest telecommunications operators in France, serving millions of residential and business customers with mobile, broadband, and digital TV services. It operates extensive infrastructure across the country and competes directly with other major players such as Orange and SFR.
While the company did not disclose technical specifics such as the attack vector or threat actor, it acknowledged that cyberattacks are increasingly common and evolving in sophistication. Bouygues claims its teams reacted promptly to end the breach and prevent further exposure but cautions that exposed information may be misused in impersonation attempts or social engineering schemes.
The incident comes just days after Orange France revealed a separate cyberattack that disrupted several business-facing platforms, although in that case, no data exfiltration was confirmed. The close timing of both disclosures raises concerns about a possible coordinated campaign targeting French telecoms, a pattern reminiscent of recent multi-pronged operations against telcos in other regions.
Bouygues has urged affected customers to monitor their bank accounts for suspicious activity and remain cautious of fraudulent calls or emails. Attackers may attempt to exploit the leaked IBANs and other personal details to pose as Bouygues representatives, banks, or insurance companies.
Leave a Reply