French Telco Reports Second Breach
Hacker Gains Unauthorized Access to Mailing PlatformThe French telecommunications company Orange is reporting its second hacker attack in recent months, this time affecting certain customers and prospective clients.
See Also: Are You APT-Ready? The Role of Breach and Attack Simulation
While a spokesperson for the telecom company, which provides services throughout Europe, would not confirm the number of individuals affected, Reuters is reporting the total is 1.3 million.
Orange discovered on April 18 that an intruder gained unauthorized access into one of the company's mailing and SMS platforms, which it uses for commercial campaigns in France, a company spokesperson told Information Security Media Group on May 7. The access allowed the intruder to copy a limited amount of personal data.
The intruder potentially gained access to the names of certain customers and prospective clients in France. For a limited number of affected individuals, e-mail addresses, mobile and landline numbers, the identity of the person's Internet operator and dates of birth also were exposed, the spokesperson says.
"All necessary actions have been implemented to correct the relevant technical dysfunctions and to prevent any new illegitimate access to this data," the Orange spokesperson says.
Past Incident
In February, the company reported that personal data on about 800,000 of its Internet customers in France were compromised after hackers gained access to the client section of its orange.fr website (see: Breach Hits French Telecom Operator).
Once the compromise was discovered, the "My Account" page was closed and technical measures were immediately taken to stop the attack, a company spokesperson said. Information exposed included names; mailing addresses; e-mail addresses; account IDs, which are not usable because certain numbers were "masked or truncated;" and telephone numbers, the spokesperson said. The hackers did not access passwords.