Paris, France – Bouygues Telecom, France's third-largest mobile operator, has confirmed a significant cyberattack that resulted in unauthorized access to the personal data of 6.4 million customer accounts. The telecommunications giant detected the breach on August 4, 2025, and publicly announced the incident on August 6, 2025, stating that the situation was "resolved as quickly as possible" by its technical teams.
The compromised data includes customers’ contact information, contractual details, civil status, and International Bank Account Numbers (IBANs). For professional clients, company data was also accessed. Bouygues Telecom emphasized that no credit card numbers or Bouygues Telecom account passwords were among the stolen information, aiming to mitigate immediate financial security concerns for its users.
The company has reported the cyberattack to France’s data protection agency, the Commission Nationale de l’Informatique et des Libertés (CNIL), and has filed a complaint with judicial authorities. Affected customers are being notified directly via SMS and email, although the incident has raised concerns about potential fraud and phishing risks.
This incident follows closely on the heels of another cyberattack targeting Orange, France’s largest telecom provider, in late July 2025. While Orange reported service disruptions and isolated affected systems, it did not confirm a breach of customer data. The back-to-back attacks underscore growing cybersecurity challenges within the French telecommunications sector.
Bouygues Telecom, which serves approximately 26.9 million mobile subscribers, has implemented additional security measures and increased monitoring in response to the breach. The company faced scrutiny after TechCrunch reported that a dedicated webpage informing customers about the attack contained a hidden "noindex" tag, making it difficult for search engines to discover.