Those customers include France Telecom, UK bank Barclays, the British Royal Air Force, the Italian Army and Aérospatiale's missile division, among others.
The flaw was fixed about noon local time on Thursday. Bull -- IBM's main competitor in France -- told ZDNet France that the hole had appeared that morning.
The breach allowed any surfer access to highly sensitive information -- including, for example:
Which servers are installed in the missile branch of Aérospatial;
Details on the type and location of servers used for the French national police database of stolen vehicles;
Information on current Barclays projects;
French bank Credit Agricole's security initiatives;
The phone number of the billing supervisor at France Telecom;
Information on the UK's Royal Air Force.
The information was available on a Web site that contains an international database for Bull employees, with real-time customer information.
Many companies -- both French and foreign -- have access to small subsets of the information, including confidential Word documents. The indexed firms include finance, defense, health and energy companies, among others.
Many of the Web pages date from 1998 or 1999, but some were recently updated.
Most of the information was supposed to remain confidential, especially the names and telephone numbers of persons in charge of sensitive sectors such as defense.
In addition, the documents offer a wealth of information for the companies' competitors.
The site was supposed to be password-protected, as well.
The security hole was uncovered by the Kitetoa site, which was created to spot these kinds of flaws. Ironically, the site runs on Lotus Domino, which is owned by competitor IBM (ibm).
Bull representatives attempted to downplay the incident.
"Only one of our servers was briefly accessible. We acknowledge the error, but it was the result of human error," the director of data processing told ZDNet France.
Still, the incident is a blow for France-based Bull, which operates in more than 100 countries.
The company's former BullSoft division, recently spun off as independent subsidiary Evidian, has just started doing business in the United States.
Evidian publishes security and administration software for Internet servers.
Bull, meanwhile, recently teamed with Certplus to provide "Internet security applications" such as secure e-mail.