Cyber Incident Victim: SFR

On or around August 9, 2022, the Altice Group experienced a ransomware attack attributed to the Hive group, targeting an internal network within its financial holding division. The attack was initially disclosed by RedPacket Security prior to Altice’s official confirmation. Altice France, which includes telecommunications subsidiary SFR and its customer bases (SFR, RED by SFR), clarified that its operational perimeter was unaffected. The company confirmed the incident in a statement to Clubic, specifying that the compromise was isolated to the financial holding’s infrastructure. Altice stated it had contained the impacts, restored all services, and returned the holding to full operational status, though the duration or severity of operational disruption was not detailed.

The attack did not compromise sensitive data, including customer information, commercial partner data, or financial partner details, according to Altice’s assessment. The company emphasized compliance with GDPR obligations, asserting no legal requirement to report a customer data breach existed due to the absence of such exposure. Altice publicly condemned the attack, issuing strong criticism against the perpetrators and labeling the incident as a "vile" act. No evidence suggested operational disruptions extended beyond the financial holding, and no ransomware payment or data exfiltration claims were acknowledged in the provided statement. The incident was declared resolved following service restoration, with no further technical or financial consequences disclosed.