Breach cyber

Bouygues

Aug 6, 2025 1 min read
Bouygues

A client of Bouygues reported concerns about a significant data leak involving IBAN details, suggesting potential unauthorized SEPA mandate validations. The client expressed frustration over the lack of security measures, highlighting the risk of fraudulent transactions and unauthorized subscriptions linked to their IBAN. The issue raises questions about the banking system's competence and the responsibility placed on customers to monitor their accounts for fraudulent activity.

Source: https://www.clubic.com/actualite-575307-bouygues-telecom-pirate-des-millions-de-clients-touches-ce-qu-on-sait-de-la-cyberattaque.html

TPRM report: https://www.rankiteo.com/company/bouygues

"id": "bou352080725",
"linkid": "bouygues",
"type": "Breach",
"date": "8/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'industry': 'Telecommunications',
                        'name': 'Bouygues',
                        'type': 'Company'}],
 'data_breach': {'personally_identifiable_information': 'IBAN',
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': 'IBAN, SEPA mandate information'},
 'description': 'Client Bouygues depuis peu, j’imagine vu la taille de la '
                'fuite qu’il y a de grande chance que je sois concerné. Et '
                'j’avoue ne pas comprendre cette histoire de payer par IBAN de '
                'mémoire et j’en suis quasiment certain ma banque ne m’a '
                'jamais demandé de validé de mandat SEPA à la souscription. Si '
                'le risque de confirmer dès versements sans faire attention '
                'semble faible, voir plusieurs personne souscrire a des '
                'abonnement via mon IBAN me semble déjà plus probable. '
                'J’appellerai ma banque pour savoir mais s’il existe vraiment '
                'des entreprises capable de se faire valider automatiquement '
                'des mandat SEPA par les banques, alors il est clair que '
                'l’IBAN est l’une des pire faille de sécurité jamais faite, et '
                'ce par pure incompétence du système bancaire qui en plus '
                'viens se défausser sur vous pour que vous fassiez vous même '
                'la veille sur vos comptes pour signaler les virement '
                'frauduleux. Je ne vois pas comment on peut encore autorisé un '
                'processus pareil.',
 'impact': {'data_compromised': 'IBAN, SEPA mandate information',
            'identity_theft_risk': 'High',
            'payment_information_risk': 'High'},
 'type': 'Data Breach'}
Published by
Jeremy C
Jeremy C
You might also like
Breach cyber

Gainsight

public 2 min read
Gainsight experienced a security breach involving its Salesforce-connected app, where suspicious activity was detected. While the company’s CEO, Chuck…
Jeremy C Jeremy C
Breach cyber

Gainsight

public 2 min read
Gainsight, a customer success platform, suffered a breach linked to its Salesforce-connected app, initially flagged by Salesforce due to unusual…
Jeremy C Jeremy C
Breach cyber

Gainsight

public 2 min read
Gainsight, a customer success management software firm, experienced a breach in its systems that compromised Salesforce customer tokens. The incident…
Jeremy C Jeremy C
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.