Bouygues Telecom, France’s third-largest mobile carrier, has disclosed a cyberattack that compromised the personal data of 6.4 million customer accounts, making it one of the largest telecom-related breaches in the country in recent years.
In a statement published on its website, Bouygues confirmed it detected the breach on August 4. The company did not specify how long the attackers had access to its systems or when the breach was contained.
The compromised information includes customer contact details, contractual data, civil status, or company data in the case of professional accounts, as well as international bank account numbers (IBANs), according to a separate page on the Bouygues website aimed at affected users. The company currently serves about 26.9 million mobile customers.
The incident has been reported to France’s data protection authority, CNIL, as required under national and European privacy laws.
At the time of publication, the dedicated cyberattack information page on Bouygues’ website included a hidden “noindex” tag in the page’s source code. This HTML directive prevents search engines from listing the page in search results, making it difficult for the public to locate it without a direct link.
A spokesperson for Bouygues did not immediately respond to a request for comment seeking more details about the breach or clarification on why the information page was excluded from search indexing.
The announcement follows another cybersecurity incident at Orange, France’s largest telecom provider, which warned on July 29 of potential service disruptions due to a cyberattack. Orange, which serves over 290 million customers globally, said it had isolated affected systems as a precautionary measure.
