Article Details
Scrape Timestamp (UTC): 2026-01-14 19:57:41.876
Original Article Text
France fines Free Mobile €42 million over 2024 data breach incident

The French data protection authority (CNIL) has imposed cumulative fines of €42 million on Free Mobile and its parent company, Free, for inadequate protection of customer data against cyber threats.

The company is the second-largest internet service provider in France and suffered a data breach in October 2024, exposing information of nearly 23 million mobile and fixed subscribers.

The hackers targeted the firm’s management tool and stole sensitive customer information to sell it later on a hacker forum. The offer came from an account named 'drussellx' and claimed that the attack impacted 19.2 million customers, and that the details included IBANs for roughly 25% of people.

Following an investigation into the incident, CNIL concluded that, despite Free improving its cybersecurity stance after the incident, its previous negligence violated several GDPR rules.

"Following a large number of complaints (more than 2,500 to date) from individuals affected by this data breach, the CNIL carried out an inspection which revealed breaches of several obligations under the General Data Protection Regulation (GDPR) attributable to FREE MOBILE and FREE, each of which is the data controller for its own subscribers," the French agency said.

Specifically, the following violations have been found:

The CNIL ordered both companies to complete their newly implemented security measures within three months, and required Free Mobile to finish sorting and removing excess customer data within six months.

After the breach at Free Mobile, France experienced more customer-exposing or service-disrupting incidents at large telecommunication service providers. In July 2025, Orange France announced that it had detected a breach on its systems, causing operational disruptions. A month later, Bouygues Telecom suffered a data breach that exposed the sensitive data of 6.4 million customers.
Daily Brief Summary
The French data protection authority, CNIL, fined Free Mobile and its parent company €42 million for inadequate data protection in a 2024 breach.
The breach exposed sensitive information of nearly 23 million subscribers, including IBANs for approximately 25% of those affected.
Hackers exploited the company's management tool to steal data, later selling it on a hacker forum under the alias 'drussellx'.
CNIL's investigation found Free Mobile violated several GDPR rules, despite subsequent improvements in their cybersecurity measures.
The regulatory body has mandated Free Mobile to enhance security measures within three months and manage excess customer data within six months.
The incident is part of a broader trend affecting French telecommunications, with similar breaches at Orange France and Bouygues Telecom in 2025.
This case highlights the critical importance of robust data protection practices to prevent regulatory penalties and protect customer information.