The official Orange website was breached by unknown hackers who have stolen 800,000 customer records including names, email addresses and phone numbers.
Orange, the world’s largest mobile operator, suffered a data breach. Another clamorous case, after the one occurred to Vodafone in Iceland, according first information, data of more than 800,000 customers of giant has been exposed. Orange publicly announced it was targeted by unknown hackers last 16th January 2014, the attackers gained access to the accounts of the Orange website.
The news was issued by different media, PCInpactreports that the “My Account” section of the website was the target of an attack Thursday, January 16 and added that the site is back to normal.
French news portal Les Echos also reported the news of the attack, the company has already started the incident response procedure, it has warned its customers with the above official email. The hackers have violated the Client Area of the website, accessing of personal data of the customers, including names, mailing address, email, landline and mobile phone numbers. It seems that personal data of 3% clients have been stolen, but the passwords are not affected.
“Passwords were not affected and less than 3% of customers, approximately 800,000 people were affected” said the technical director, Laurent Benatar.
The principal risk in these cases is represented by the possibility that stolen data are used for further attacks, let’s think to spear phishing attacks or phishing attacks to steal sensitive information like banking credentials.
To the Orange customers it is suggested to immediately change their password, and if it is used on other web services to change them asap to avoid that hacker will also violate other accounts belonging to the Orange customers.
Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer.
Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US.
Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines.
Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.