- FFF breached via compromised account, exposing members’ personal data but not passwords or banking info
- Stolen PII includes names, birth details, contacts, and license numbers, enabling phishing risks
- FFF terminated access, alerted authorities, and continues facing repeated cyberattacks in recent years
The French Football Federation (FFF), the nation's governing body for the sport, has confirmed it lost personally identifiable information (PII) on a yet undisclosed number of members.
The group confirmed the news in a press release, in which it said the data was lost in a cyberattack where unnamed threat actors used a “compromised account” to access software it uses to carry out administrative management.
The attackers used their access to steal PII on FFF members, including full names, gender data, birth dates, places of birth, nationality information, postal addresses, email addresses, phone numbers, and membership or license numbers.
Phishing warning
The FFF did not say which software that was, or how the account was compromised, but we can assume it was either through phished credentials, or via infostealer malware.
While passwords and banking information were not taken, this is still enough data to target FFF members with tailored phishing emails, through which that data can later be obtained. That is why the FFF warned all customers to be wary of incoming communications, especially those claiming to come from the organization.
“We recommend that you exercise the utmost vigilance regarding any suspicious or unusual communications you may receive (SMS, phone call, email, etc.) that appear to come from the FFF, your club, or another sender (for example, inviting you to open an attachment or asking you to provide your account details, passwords, or banking information),” the press release reads.
The FFF said it terminated the compromised account, notified the relevant authorities, and added that it will notify affected individuals, as well.
The agency is a frequent target for cyberattacks. In March 2024, the FFF disclosed that potentially about 1.5 million license records were compromised, and in February 2025, a second breach occurred, when attackers gained access to its license-management system and stole personal data.
Via BleepingComputer
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button!
And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.
