Overview
- Prosecutors say about one million current and former FFTir licensees had personal data stolen in mid‑October via a compromised internal account, including license numbers, civil status, postal addresses, emails and phone numbers.
- The stolen FFTir data has been used for targeted burglaries and impersonations of police, with reported thefts in Limoges, near Lyon and in Nice, where two suspects were arrested and placed in provisional detention as a judicial investigation was opened for organized fraud.
- France’s BL2C cybercrime unit is leading the FFTir probe for unauthorized access and data extraction after the intrusion was identified by the federation’s IT provider and referred to authorities.
- Separately, the FFF disclosed on November 27 that a compromised account on club‑management software led to a data theft involving names, birth details, nationality, contact information and license numbers; the account was disabled, passwords reset, a complaint filed, and ANSSI and CNIL notified.
- The FFF notes this is its third incident in under two years and urges vigilance against suspicious communications, while FFTir apologizes, says no medical, banking or weapon‑authorization data were exposed, and advises members not to admit unverified visitors and to call 17.