Data leak at Syma Mobile
In September 2025, a database of 117,963 Syma Mobile customers — exposing names, dates of birth, postal and email addresses, phone numbers and ID-document details — was put up for sale on a dark-web forum alongside other French datasets.
- Victim
- Syma Mobile
- records
- 118.0K
On 3 September 2025, Syma Mobile — a French MVNO (mobile virtual network operator) acquired by Altice/SFR — was named as the source of a customer database offered for sale on a dark-web forum. The Syma file appeared alongside datasets attributed to optician chain Alain Afflelou and the Service National Universel, all advertised by the same seller.
The leaked database covered 117,963 customers and contained a rich set of personal and identity data. No public incident had been disclosed by Syma beforehand, and the exact intrusion vector was never confirmed; analysts suggested the data likely originated from a customer-management or KYC (identity-verification) system used for billing and account onboarding.
Exposed data categories included:
- First and last name
- Date of birth
- Postal address
- Email address
- Mobile phone number
- Identity-document type and number
Because the dataset included identity-document details, the exposure carries an elevated risk of identity fraud and targeted phishing against affected customers. As of reporting, the breach had not been officially acknowledged by Syma Mobile and the response status remains unclear.
Sources
- clubic.comhttps://www.clubic.com/actualite-577542-alerte-cybersecurite-des-bases-de-donnees-d-alain-afflelou-de-syma-mobile-et-du-snu-mises-en-vente-sur-le-dark-web.html