The French Rugby Federation (FFR), victim of a cyberattack in early June, warned its licensees on Tuesday of possible disclosures of “personal data” on the “darkweb” and urged them to be vigilant to “any attempt of fraud”, in a letter of which AFP has read. According to the digital investigation report, “the hackers intended to extract information and documents (…), temporarily had access to a large volume of data stored on the FFR server and (.. .) some of this data contained in particular personal data likely to concern licensees”, explains the FFR.
“The exact nature and quantity of potentially exfiltrated data cannot, however, be precisely determined, at least at this stage,” she said. “Given the modus operandi of hackers (…), it is likely that some of this data will be disclosed on the dark web from June 27, the FFR having decided, in agreement with the gendarmerie services, not to give any following ransom demands,” she adds.
Consequently, the authority recommends to its approximately 265,000 licensees to “modify the passwords” of their various accounts and to be “particularly vigilant to any attempt at fraud, in particular by email or SMS”. Last Thursday, the FFR announced in a press release that it had been the target of a computer attack, on the night of June 7 to 8, “which had mainly affected the mail servers”.
“In terms of impact, the Federation was unable to recover the activity histories of some of the mailboxes that were encrypted during the attack,” she said at the time. Before concluding that the necessary measures had been taken “to minimize the impact of this attack on its activities and to avoid any recurrence in the future”. Several French hospitals have notably been the target of cyberattacks in recent months.
