Eurofiber admits crooks swiped data from French unit after cyberattack

November 17, 2025 TH Author

French telco Eurofiber says cybercriminals swiped company data during an attack last week that also affected some internal systems.

The B2B wholesale telco confirmed that only its French business was affected by the November 13 attack, including its cloud division and regional brands Eurafibre, FullSave, Netiwan, and Avelia.

In a disclosure published on Sunday, Eurofiber said attackers exploited a vulnerability in its ticket management platform and stole the data it stored. This did not include banking details or other critical data, it confirmed, and the vulnerability is now patched.

The telco did not specify the scale of the attack or how many individuals were affected in France but those located in Belgium, Germany, and the Netherlands are safe.

The overall impact on Eurofiber’s business was “limited,” it said, although some systems used by indirect sales and wholesale partners were affected operationally. Customer-facing services were “fully operational” throughout the incident, it added.

“In the first few hours following detection, the ticketing platform and the ATE portal were placed under enhanced security, and the vulnerability was patched,” the telco said.

“Additional measures have been implemented to prevent further data breaches and strengthen system security. Our teams, in collaboration with cybersecurity experts, are now focused on supporting clients in managing the impact of this incident.”

Eurofiber said it notified all affected customers and reported an extortion-related attack to French cybersecurity agencies CNIL and ANSSI, suggesting the attackers were holding the stolen data to ransom. It did not explicitly say whether this was the case, or if it paid.

“We reaffirm our commitment to data protection, cybersecurity, and transparency,” the disclosure added. “Our teams remain fully mobilized until the incident is completely resolved.”

Despite having a presence across multiple European countries, Eurofiber is not among the major players in the French telco space.

It specializes in B2B digital infrastructure sales rather than consumer offerings like those from Orange and Bouygues.

In its most recent annual results, it recorded €308 million ($357.3 million) in revenue, whereas Orange posted €9.9 billion ($11.4 billion) in Q3 2025 alone.

The attack on Eurofiber follows a string of others affecting B2B telcos in recent weeks, including Colt and ICUK, both of which suffered cyberattacks that affected service delivery.

ICUK was hit by two days’ worth of DDoS attacks in early October, temporarily knocking services offline, while Colt’s attack took much longer to remediate.

While the Warlock ransomware group claimed the attack, Colt has never stated that ransomware was involved in the August intrusion, but recovery work remains ongoing, although much of its service is now restored. ®