- FFF breached via compromised account, exposing members’ personal data but not passwords or banking information
- Stolen PII includes names, birth details, contacts and license numbers, creating phishing risks.
- The FFF terminated access, alerted authorities, and continues to face repeated cyberattacks in recent years.
The French Football Federation (FFF), the governing body of football in France, has lost personally identifiable information (PII) of an as yet undisclosed number of members. The agency confirmed the news in a press release, saying that the data was lost in a cyberattack.
This morning, the FFF said that anonymous threat actors used a “compromised account” to access the software it uses to carry out administrative management. He didn’t say what software it was or how the account was compromised, but we can assume it was through phishing credentials or data-stealing malware.
The attackers used their access to steal PII from FFF members, including full names, gender data, dates of birth, places of birth, nationality information, postal addresses, email addresses, telephone numbers, and membership or license numbers.
Phishing warning
While no passwords or banking information was taken, it is still enough data to target FFF members with personalized phishing emails, through which that data can be obtained later. That is why the FFF warned all customers to be careful with incoming communications, especially those that claim to come from the organization.
“We recommend that you exercise the utmost vigilance regarding any suspicious or unusual communications you may receive (SMS, phone call, email, etc.) that appear to come from the FFF, your club or another sender (for example, inviting you to open an attachment or asking you to provide your account details, passwords or banking information),” the press release reads.
The FFF said it canceled the compromised account, notified the relevant authorities, and added that it will also notify affected individuals.
The agency is a frequent target of cyberattacks. In March 2024, the FFF revealed that potentially around 1.5 million license records were compromised, and in February 2025, a second breach occurred, when attackers gained access to its license management system and stole personal data.
Through beepcomputer
The best antivirus for all budgets
Follow TechRadar on Google News and add us as a preferred source to receive news, reviews and opinions from our experts in your feeds. Be sure to click the Follow button!
And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form and receive regular updates from us on WhatsApp also.
