French authorities have fined Free Mobile €42 million for failing to adequately protect customer data, following a major data breach exposing millions of users in October 2024. Despite improvements, the company violated several GDPR rules, highlighting ongoing vulnerabilities in telecommunication cybersecurity. #GDPR #FreeMobile #DataBreach
Keypoints
- Free Mobile suffered a significant data breach affecting nearly 23 million customers in October 2024.
- The hackers targeted the company’s management tool and sold stolen customer information on hacker forums.
- CNIL fined Free Mobile €42 million for violations of GDPR, including inadequate data security measures.
- Failures included weak VPN authentication and poor detection of abnormal activity, which facilitated the attack.
- Regulators ordered Free Mobile to implement stronger security and delete excess personal data within set deadlines.