A major French telecommunications company, Corse GSM, has allegedly been hit by a massive data breach. It could have a potential impact on millions of its customers. The Corse GSM data breach claims was made by a threat actor, using the alias "ssh_xyz," on popular data hack site BreachForums. In the post, the threat actor claimed to have stolen a massive amount of data containing information on 200,000 users of the telecom company. The hacker claimed that the data was exfiltrated between May 3 and May 25, 2024. To support these claims, the TA included a sample of the data in JSON format, a common method for storing and transmitting data between servers and web applications.

Exploring the Corse GSM Data Breach

The threat actor provided a detailed sample dataset that provided a look into the kind of information that may have been compromised in the breach. The leaked data consists of: User Identification: This covers fields like ID and possibly other unique markers used by Corse GSM for tracking purposes. Personal Details: The breach reportedly involves customer information such as name, last name and phone number. Contact Info: It is said that hackers have also accessed customer email addresses. This raises concerns about targeted phishing attempts. Subscription Information: This may encompass subscription plans, internet packages, and other services subscribed to by customers of Corse GSM. Financial Information: The TA had shared details about the presence of fields like BIC (Business Identifier Code), IBAN (International Bank Account Number), and KYC (Know Your Customer) data. If the above information is true, then it could possibly leverage the risk of financial fraud or identity theft. Blacklist Status: If this data field is included in the leak, it might expose details of a customer who could be blacklisted by Corse GSM for reasons like missed payments or service violations.

Corse GSM Hacker Claims Possession of Financial Details of Customers

If the sample above seems like a precarious scenario for the privacy of customers, the hacker further alleged that the entire leaked database contains a much broader range of information, including: National Identity Card (CNI) Details: CNI or France’s National Identity Card details allegedly leaked by the threat actor could put citizens at huge security risk. The CNI contains fingerprint details, which is a major security breach if the corresponding data is compromised. SEPA Information: Single Euro Payments Area or SEPA data could include bank account details critical for financial transactions. The threat actor is seeking substantial sums for the database on the dark web, suggesting that the hacker believes the information holds significant value for malicious actors.

Corse GSM Yet to React to Data Breach Claims

Corse GSM has not reacted or issued any official statement regarding the alleged data breach. This article will be updated once the company responds to the allegations and takes action to prevent crucial data from being misused. Meanwhile, customers can take preventive steps like changing passwords and login credentials of accounts linked to Corse GSM. They should also be wary and not fall victim to phishing attempts. Fraudsters could use the leaked email addresses to send fraudulent links. They should also monitor their bank accounts linked to the subscription of Corse GSM mobile plans. They should also relay information of any suspicious activity to law enforcement authorities. The potential data breach at Corse GSM highlights the ever-present threat of cyberattacks and the importance of robust data security practices. Telecommunications companies handle a vast amount of sensitive customer information, making them prime targets for hackers. Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.