Â鶹´«Ã½Ó³»­

French telecoms provider SFR suffered a major cyberattack earlier this month, with the data of potentially millions of customers breached. 

The exact number of affected customers remains unclear, but the company informed users last week of “unauthorised access… [to an] IT tool used to manage our customers' fixed-line network connection work.â€� 

Information taken includes names, email and postal addresses, phone numbers, and customer reference numbers. The company however confirmed that user bank details were not compromised. 

Account holders impacted were informed by emails sent no later than December 18, 2025. If you have not been contacted you are not concerned.

It follows a major data leak from SFR in September 2024, which saw criminals steal information in a similar cyberattack. Soon after, fellow telecoms company Free was also hit by a similar attack. 

People with SFR accounts should therefore be extra vigilant in the coming days of potential scammers, who use information and data collecting in cyberattacks to engage in phishing scams. 

Information is either used directly by hackers or sold to scammers on the dark web. 

Pressuring tactics are often used, with scammers saying that unless the victim does something immediately – which usually involves sending a payment, handing over bank details, etc – something far worse will happen. 

Sometimes scammers pretend to be calling from your bank, and claim you are being impacted by someone trying to steal funds from your account and that you must follow their instructions to prevent it – when in reality, the information you feed them helps them infiltrate your account.

Further advice can be found in our article here.