Here’s the kind of data for ~20 millions Free users, as you can see exposed customers’ data includes First and last names, Phone numbers, Full postal addresses, Dates of birth, Emails, and more. :
id, login, identity.civility, identity.email, identity.status, identity.birthDate, identity.birthDepartment, identity.birthCountry, identity.createdAt, identity.modifiedAt, identity.firstname, identity.lastname, address.postalCode, address.streetName, address.city, address.supplement, address.freeboxId, offer.id, offer.accountId, offer.metaOfferId, offer.msisdn, offer.createdAt, offer.modifiedAt, offer.status, offer.internalStatus, offer.haveBarring, offer.offerName, offer.offerDescription, offer.offerPrice, 92829, offer.anniversaryDay, offer.activationDate, offer.overConsumption, offer.canTerminate, offer.posterioriPorta, account.id, account.login, account.parent, account.createdAt, firstActivationLine.prestaId, firstActivationLine.activationDate, firstActivationLine.status, firstActivationLine.description, flags.msisdnTakeover, flags.MNPMsisdn, moboUrl, canSendSim.return, subscriptionCanal, haveLessThanAYearTerminatedMobileLoan, haveActiveMobileLoan, haveActiveChild, sav4gBoxAvailable, canBeAccountAssociate
The IBAN leak affects ~5 millions of these users