Main Menu
,

Orange Group Confirms Data Breach, Hacker Leaks Internal Documents

A hacker leaked thousands of Orange Group's internal documents. The breach compromised user records and employee data. Orange Group confirmed the incident.
Facebook Twitter Youtube Linkedin
Orange Group Confirms Data Breach, Hacker Leaks Internal Documents
Table of Contents
    Add a header to begin generating the table of contents

    Orange Group Breach: Hacker Leaks Thousands of Documents

    A significant security incident has impacted Orange Group, a leading French telecommunications company. A hacker, using the alias Rey and claiming affiliation with the HellCat ransomware group, has leaked thousands of internal documents. This Orange Group confirms breach involves sensitive data.

    Details of the Orange Group Data Breach

    The stolen data primarily originates from Orange’s Romanian branch. The leaked information includes:

    • 380,000 unique email addresses.
    • Source code.
    • Invoices and contracts.
    • Customer and employee information.
    • Partial payment card details.

    Rey stated the breach wasn’t a ransomware attack. They accessed Orange’s systems for over a month. Data exfiltration lasted approximately three hours undetected. Some data was outdated. Many payment card details had expired. The leak also contains information on Yoxo customers. This is Orange’s subscription service without a contract period.

    Orange data leak posted on a hacker forum

    Orange data leak posted on a hacker forum

    Rey claims they obtained access by exploiting compromised credentials. They also utilized vulnerabilities in Orange’s Jira software and internal portals. Nearly 12,000 files (6.5GB) were stolen. A ransom note was left, but Orange didn’t negotiate.

    Orange Group stated the breach occurred on a non-critical application. An investigation is underway to minimize the impact.

    “Orange can confirm that our operations in Romania have been the target of a cyberattack,”

    “We took immediate action, and our top priority remains protecting the data and interests of our employees, customers and partners. There has been no impact on customers’ operations, and the breach was found to occur on a non-critical back office application.”

    The company is committed to providing updates and complying with legal obligations. They are cooperating with authorities.

    Impact and Prevention

    This Orange Group confirms breach highlights the importance of robust cybersecurity practices. Regular security audits, employee training, and patching vulnerabilities are crucial.

    For more information on preventing similar breaches, see our articles on Ransomware and Cybersecurity.

    Staying informed about the latest threats is also vital. Read our weekly cybersecurity news.

    Trending
    Genea IVF Clinic Data Leak: Medical Records, Addresses, and Phone Numbers at Risk
    CISA Warns of Craft CMS Code Injection Flaw
    Vivifi Data Leak: Millions of Loan Applicants’ Data Exposed
    Bybit Hack: $1.5 Billion Ethereum Theft in Biggest Crypto Heist Ever
    Cyber Attack on Rainbow District School Board Had Personal Data Stolen in Data Leak
    This Week In Cybersecurity: 17th February to 21st February
    Chinese Hackers from Salt Typhoon Deploy Custom Malware in US Telecom Cyberespionage Campaign
    CISA and FBI Report Ghost Ransomware Breached 70 Countries
    Black Basta Ransomware Data Leak Exposes Internal Communications and Targets
    Darcula PhaaS 3.0 Auto-Generates Phishing Kits for Any Brand

    Daily Briefing Newsletter

    Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

    Related Posts
    Boys & Girls Clubs of Tennessee Valley Data Breach Exposes Sensitive Information

    Boys & Girls Clubs of Tennessee Valley Data Breach Exposes Sensitive Information

    IT Service Provider Hack in Russia Puts Financial Sector on High Alert

    IT Service Provider Hack in Russia Puts Financial Sector on High Alert

    Lucent Health Data Breach: Law Firm Investigates Legal Claims

    Lucent Health Data Breach: Law Firm Investigates Legal Claims

    Genea IVF Clinic Data Leak: Medical Records, Addresses, and Phone Numbers at Risk

    CISA Warns of Craft CMS Code Injection Flaw

    CISA Warns of Craft CMS Code Injection Flaw

    Vivifi Data Leak: Millions of Loan Applicants' Data Exposed

    Vivifi Data Leak: Millions of Loan Applicants’ Data Exposed