CNIL fines Free Mobile over GDPR breach
Regulatory/Legal Action
Summary
Hide ▲
Show ▼
CNIL imposed €42 million in fines on Free Mobile and Free over GDPR breaches tied to an October 2024 data breach that exposed information on nearly 23 million subscribers. The regulator said weak VPN authentication and poor detection let attackers target the company’s management tool and steal sensitive customer data for sale on a hacker forum. CNIL also ordered remediation within three months and excess data deletion within six months.
Related Happenings
ManoMano hit by network compromise
Incident
First: 26.02.2026 19:35
Last: 26.02.2026 19:35
Sources 1
About this happening:
ManoMano disclosed a **security incident** involving a **third-party customer service provider** that exposed customer data and affected **38 million individuals**. The compromise...
ManoMano hit by network compromise
IncidentAbout this happening: ManoMano disclosed a **security incident** involving a **third-party customer service provider** that exposed customer data and affected **38 million individuals**. The compromise...
Free Mobile subscriber data breach and forum sale attempt
Data Leak
First: 14.01.2026 21:50
Last: 14.01.2026 21:50
Sources 1
How related:
The company is the second-largest internet service provider in France and suffered a data breach in October 2024, exposing information of nearly 23 million mobile and fixed subscribers.
About this happening:
Free Mobile suffered a **October 2024** data breach that exposed information on **nearly 23 million** mobile and fixed subscribers. Attackers targeted the company's **management t...
Free Mobile subscriber data breach and forum sale attempt
Data LeakHow related: The company is the second-largest internet service provider in France and suffered a data breach in October 2024, exposing information of nearly 23 million mobile and fixed subscribers.
About this happening: Free Mobile suffered a **October 2024** data breach that exposed information on **nearly 23 million** mobile and fixed subscribers. Attackers targeted the company's **management t...
CNIL fines Google and Shein for cookie consent violations
Regulatory/Legal Action
First: 04.09.2025 13:09
Last: 04.09.2025 13:09
Sources 1
About this happening:
The **French CNIL** fined **Google** and **Shein** over **cookie consent violations**, adding major financial penalties to France's privacy enforcement. The regulator said both co...
CNIL fines Google and Shein for cookie consent violations
Regulatory/Legal ActionAbout this happening: The **French CNIL** fined **Google** and **Shein** over **cookie consent violations**, adding major financial penalties to France's privacy enforcement. The regulator said both co...
Timeline
-
14.01.2026 21:50 2 articles · 4mo ago
CNIL fines Free Mobile and Free over GDPR breaches
Legal Policy Action UpdateCNIL imposed cumulative fines of €42 million on Free Mobile and Free for inadequate protection of customer data, citing weak VPN authentication, ineffective detection of abnormal activity, excessive retention of personal data, and insufficient breach notification to affected subscribers; the regulator also ordered security measures to be completed within three months and excess customer data to be sorted and removed within six months.
Show sources
- France fines Free Mobile €42 million over 2024 data breach incident — www.bleepingcomputer.com — 14.01.2026 21:50
- France fines Free Mobile €42 million over 2024 data breach incident — www.bleepingcomputer.com — 14.01.2026 21:50