The Inquirer-Home

Hackers blag personal information from Orange servers

Someone is taking the pith
Thu May 08 2014, 13:56
Security threats - password theft

TELECOMS firm Orange has warned its customers about a hacking attack on its systems that placed their personal data in harms way.

While no credit or debit card was lost, other information has been taken. Orange said that its users should be wary.

"On 18 April, Orange identified an illegitimate access on a technical mailing and SMS platform, which it uses for its commercial campaigns in France. This access entailed the copy of a limited amount of personal data concerning certain customers and identified prospective customers," it said.

"For the people concerned, the data recovered includes their first names and surnames. In addition, depending on the information supplied, e-mail addresses, mobile and fixed-line phone numbers, the identity of the person's internet operator and their date of birth, were also recovered."

The information related to 1.3 million punters, and both current and potential customers. It is possible that the number of potential victims will fall after this, as it is Orange's second hack in recent times.

"Orange must have something of a red face right now, as it has found itself in the embarrassing position of admitting that hackers have made away with customer information for the second time this year," commented security watcher Graham Cluley.

To massively misquote Oscar Wilde, "To lose your customers' data once may be regarded as a misfortune; to lose it twice begins to look like carelessness."

In February Orange confessed to a customer data loss that affected some 800,000 of its French users. Then, as now, Orange said that financial data was untouched.

Orange is not the only firm to ever lose customer data to hacking and this year US retail chain Target parted with both the details of hundreds of millions of its users and its CIO.

"To ensure that Target is well positioned following the data breach we suffered last year, we are undertaking an overhaul of our information security and compliance structure and practices at Target," said the firm in March.

"As a first step in this effort, Target will be conducting an external search for an interim CIO who can help guide Target through this transformation."

Orange said that it has notified everyone who might be affected, and is working to limit any "new illegitimate access" to the data. µ


Share this:

blog comments powered by Disqus
Subscribe to INQ newsletters

Sign up for INQbot – a weekly roundup of the best from the INQ

INQ Poll

Happy new year!

What tech are you most looking forward to in 2015