Fixxx
Moder
- Joined
- 20.08.24
- Messages
- 941
- Reaction score
- 3,707
- Points
- 93
Eurofiber France disclosed a data breach it discovered late last week when hackers gained access to its ticket management system by exploiting a vulnerability and exfiltrated information. Eurofiber France SAS is the French unit of the Eurofiber Group N.V., a Dutch telecommunications service provider that operates a fiber network of 76,000 km across the Netherlands, Belgium, France, and Germany. The company specializes in providing digital infrastructure for businesses, rather than the consumer market. The cybersecurity incident impacts only the French division of the group, the company says in the announcement, including its cloud division (ATE portal) and its regional Eurafibre, FullSave, Netiwan, and Avelia sub-brands. In a press release, the company states that the impact is minimal for indirect sales and wholesale partners in France, as most of them rely on separate systems.
Although the company said that banking details or other “critical data” stored on its other systems were not affected by this incident, it did not specify exactly what types of data were stolen, only mentioning that it would notify affected customers.
A threat actor calling themselves ‘ByteToBreach’ claimed the attack on a data leak forum, alleging that they stole data belonging to 10,000 businesses and even government entities, all clients of Eurofiber. The threat actor claims to be holding data that the clients uploaded to the ticketing system, including screenshots, VPN configuration files, credentials, source code, certificates, archives, email accounts as files, and SQL backup files.
Eurofiber France said it has notified the French data protection agency (CNIL) as well as ANSSI - the country's cybersecurity agency, and filed a report for extortion, indicating that the threat actor has demanded payment to not leak the stolen data. Last August, another French telecommunications service provider, Bouygues Telecom, suffered a data breach that exposed the personal data of 6.4 million customers. Earlier, in July 2025, Orange France disclosed a cybersecurity breach on its network, though it has not confirmed data theft as of yet.
“In the first hours following detection, the ticketing platform and the ATE portal were placed under enhanced security, and the vulnerability was patched,” mentions Eurofiber France. “Additional measures have been implemented to prevent any further data leaks and strengthen system security.”
Although the company said that banking details or other “critical data” stored on its other systems were not affected by this incident, it did not specify exactly what types of data were stolen, only mentioning that it would notify affected customers.
Threat actor claims breach
A threat actor calling themselves ‘ByteToBreach’ claimed the attack on a data leak forum, alleging that they stole data belonging to 10,000 businesses and even government entities, all clients of Eurofiber. The threat actor claims to be holding data that the clients uploaded to the ticketing system, including screenshots, VPN configuration files, credentials, source code, certificates, archives, email accounts as files, and SQL backup files.
*threat actor claiming the attack.
Eurofiber France said it has notified the French data protection agency (CNIL) as well as ANSSI - the country's cybersecurity agency, and filed a report for extortion, indicating that the threat actor has demanded payment to not leak the stolen data. Last August, another French telecommunications service provider, Bouygues Telecom, suffered a data breach that exposed the personal data of 6.4 million customers. Earlier, in July 2025, Orange France disclosed a cybersecurity breach on its network, though it has not confirmed data theft as of yet.