Personal info of 800,000 Orange customers compromised
Posted on 04 February 2014.
Global telecom giant Orange has sent out alerts to nearly 800,000 (some 3 percent) of its French customers warning them that their personal information was compromised in a breach that took place on January 16.


The stolen data includes the customers' name, postal address, email address, phone number, and additional information about the composition of the household, the number of subscriptions household members have with Orange or competitors, and the customers' preference of how to be contacted.

The intrusion was terminated immediately after being detected, and the compromised web page - "My Account" in the client area of the Orange.fr website - taken offline for a while.

The company says that passwords haven't been compromised, but warns users that the information that was stolen is very useful for mounting phishing attacks. They explained why a phishing attack is, and urged affected customers to be on the lookout for them coming via email, SMS or telephone.

PC INpact (via Google Translate) reported that all French customers and not just the ones affected by the breach have already received a phishing warning around January 23, but that one didn't mention the intrusion.

The authorities have been notified of the breach and are investigating it, but no more details about how it was executed were shared.









Spotlight

Operation Pawn Storm: Varied targets and attack vectors, next-level spear-phishing tactics

Posted on 23 October 2014.  |  Targets of the spear phishing emails included staff at the Ministry of Defense in France, in the Vatican Embassy in Iraq, military officials from a number of countries, and more.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Oct 24th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //