Eurofiber France discloses data breach

Published: 18 November 2025
Last updated: 18 November 2025
eurofiber-logo-band-aid

The French division of Eurofiber has suffered a data breach in which some customer information was exfiltrated. In the meantime, all systems have been secured.

The “cybersecurity incident” was detected on November 13th, 2025.

According to the company’s announcement, the attackers managed to gain access to the ticket management platform used by Eurofiber France and its regional brands, including Eurafibre, FullSave, Netiwan, and Avelia.

The attackers also succeeded in gaining access to an ATE customer portal, which corresponds to Eurofiber France's cloud division operating under the Eurofiber Cloud Infra France brand.

ADVERTISEMENT

Eurofiber believes that a software vulnerability on this platform has been exploited to steal data. Within the first hours of detection, the vulnerability was patched, and both the ticketing platform and the ATE portal were placed under enhanced security.

To prevent recurrence, additional security measures have been implemented. IT workers are now collaborating with external experts to support affected customers in managing the consequences of the incident, who were immediately informed as soon as the breach was detected.

What customer data has been stolen remains unclear. However, Eurofiber stresses that sensitive information such as banking details or other critical data was not affected. In addition, services remain fully operational and weren’t affected by the attackers.

A-folder-that-has-unknown-stolen-data
Image by Cybernews.
jurgita justinasv Izabelė Pukėnaitė vilius Ernestas Naprys Gintaras Radauskas
Don't miss our latest stories on Google News. Add us as your Preferred Source on Google
Follow us

Furthermore, the company states that the incident is limited to customers of Eurofiber France and its regional brands. It doesn’t affect customers using services of other Eurofiber entities on platforms in Belgium, Germany, or the Netherlands, including Eurofiber Cloud Infra in the Netherlands.

The company has reported the data breach to CNIL, France’s data protection authority, and ANSSI, France’s national cybersecurity agency. A police report has been filed for extortion.

On X, it is claimed that a threat actor called ByteToBreach is responsible for the incident. Allegedly, the attackers accessed EuroFiber’s entire GLPI database, obtaining client data, tickets, internal messages, passwords, and API keys, including administrator-only data.

ADVERTISEMENT

GLPI is open-source software for managing IT services and assets, and is used by enterprises, educational institutions, and local governments all around the world.

According to reports, the incident has affected over 3,600 clients, including prominent organizations such as Airbus, Thales, Orange, and Decathlon.

Unlock more exclusive Cybernews content on YouTube.

Share
Post
Share
Share
Share
More from Cybernews
Companies using Fable 5 beware: it’s collecting your data, and there are no exceptions
World’s leading mathematicians ridicule AI hype in high-IQ declaration
Democrats are far more worried than Republicans that AI will take jobs, new poll finds
Europe’s tech revolution feels like Soviet déjà vu
New York demands advertisers use “synthetic performer” label or else
The surprising way Elon Musk is powering your next holiday flight
ADVERTISEMENT