Skip to content
Data breachUnknown

Data leak at Syma Mobile

In September 2025, a database of 117,963 Syma Mobile customers — exposing names, dates of birth, postal and email addresses, phone numbers and ID-document details — was put up for sale on a dark-web forum alongside other French datasets.

Victim
Syma Mobile
records
118.0K

On 3 September 2025, Syma Mobile — a French MVNO (mobile virtual network operator) acquired by Altice/SFR — was named as the source of a customer database offered for sale on a dark-web forum. The Syma file appeared alongside datasets attributed to optician chain Alain Afflelou and the Service National Universel, all advertised by the same seller.

The leaked database covered 117,963 customers and contained a rich set of personal and identity data. No public incident had been disclosed by Syma beforehand, and the exact intrusion vector was never confirmed; analysts suggested the data likely originated from a customer-management or KYC (identity-verification) system used for billing and account onboarding.

Exposed data categories included:

  • First and last name
  • Date of birth
  • Postal address
  • Email address
  • Mobile phone number
  • Identity-document type and number

Because the dataset included identity-document details, the exposure carries an elevated risk of identity fraud and targeted phishing against affected customers. As of reporting, the breach had not been officially acknowledged by Syma Mobile and the response status remains unclear.

Sources

  1. clubic.comhttps://www.clubic.com/actualite-577542-alerte-cybersecurite-des-bases-de-donnees-d-alain-afflelou-de-syma-mobile-et-du-snu-mises-en-vente-sur-le-dark-web.html

Related incidents

Data breachContained

Leak at Altitude Infra

Altitude Infra, a major French independent fiber-optic infrastructure operator, had ~5.76 GB (52 files) stolen from a partner extranet and offered for sale online, exposing network documentation, ISP-partner files and end-customer eligibility data across its 3M+ connected locations.

Victim
Altitude Infra
Data breachContained

Leak at Red by SFR

In December 2025, French telecom operator SFR disclosed a data breach affecting Red by SFR customers, exposing names, postal and email addresses, phone numbers and customer reference numbers after an internal fiber-connection management tool was compromised.

Victim
Red by SFR
Data breachContained

Leak at Eurofiber

In November 2025, Dutch fibre-network operator Eurofiber's French unit was breached via an SQL-injection flaw in its outdated GLPI ticketing system, exposing technical and credential data tied to more than 3,600 customer organisations, including major firms and public bodies.

Victim
Eurofiber