Personal info of 800,000 Orange customers compromised
Posted on 04 February 2014.
Global telecom giant Orange has sent out alerts to nearly 800,000 (some 3 percent) of its French customers warning them that their personal information was compromised in a breach that took place on January 16.


The stolen data includes the customers' name, postal address, email address, phone number, and additional information about the composition of the household, the number of subscriptions household members have with Orange or competitors, and the customers' preference of how to be contacted.

The intrusion was terminated immediately after being detected, and the compromised web page - "My Account" in the client area of the Orange.fr website - taken offline for a while.

The company says that passwords haven't been compromised, but warns users that the information that was stolen is very useful for mounting phishing attacks. They explained why a phishing attack is, and urged affected customers to be on the lookout for them coming via email, SMS or telephone.

PC INpact (via Google Translate) reported that all French customers and not just the ones affected by the breach have already received a phishing warning around January 23, but that one didn't mention the intrusion.

The authorities have been notified of the breach and are investigating it, but no more details about how it was executed were shared.









Spotlight

Bash Shellshock bug: More attacks, more patches

Posted on 29 September 2014.  |  As vendors scramble to issue patches for the GNU Bash Shellshock bug and companies rush to implement them, attackers around the world are probing systems for the hole it opens.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Tue, Sep 30th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //