La Post Mobile (LPA), the mobile virtual network operator (MVNO) created by the French postal service, suffered a ransomware attack last week that may have compromised users’ personal data

On July 4th, MVNO LPA was hit with a major ransomware attack, severely limiting the company’s administrative and management capabilities. 

Today, one week later, the company’s website is still down, instead replaced with an explanation of the cyber-attack.

“As soon as we became aware of this incident, we took the necessary protective measures by immediately suspending the computer systems concerned. This protective action has led us to temporarily close our website and our customer area,” explained the company in a statement.

LPA, which provides services using SFR’s mobile network infrastructure, says the attack has not had any effect on the company’s ability to deliver services to customers, but warns that some of its users’ personal data may have been compromised.  

“Our first analyses establish that our servers essential to the operation of your mobile line have been well protected. On the other hand, it is possible that files present in the computers of La Poste Mobile employees have been affected. Some of them may contain personal data,” continued the statement. 

It is currently unclear how much data may have been compromised in the attack, as well as the size of any ransom being sought.

The attack was seemingly perpetrated by the ransomware group LockBit, which recently introduced a new version of its ransomware called ‘LockBit 3.0’. 

Cybersecurity analysts have noted a huge boost in LockBit activity in recent months, with some suggesting that the group has been more prolific in Q1 2022 than Conti, the group which held the ignominious title of the most active ransomware group in 2021.

The scale and severity of ransomware attacks in the telecoms industry and beyond has been rising steadily in recent years, with SonicWall recording 495 million ransomware incidents globally in 2021, a 148% increase on 2020.

Telcos, with their enormous reserves of consumer data and near-vital services, are naturally very appealing targets for cybercriminals. In 2020 alone there were two high profile ransomware attacks against the telecoms sector, with both Telecom Argentina and Orange falling victim to separate ransomware groups.

As the arms race between cybersecurity and cybercriminal technology rages on, the telco industry will become more and more of a battlefield.


How can you best secure your network against the surge in ransomware attacks? Join the operators and their partners live in London for the Total Telecom Congress to learn more

Also in the news: