14 DAY TRIAL // French telecommunications services provider Orange has suffered another data breach. This is the second time cybercriminals target the company’s systems this year.
According to AFP, the attackers managed to steal names, email addresses, phone numbers (both mobile and fixed), names of mobile and Internet operators, and dates of birth. 1.3 million customers are affected by the incident.
The breach came to light on April 18, but the company has waited until now to inform customers to determine its full extent and to ensure that the security holes leveraged by the hackers have been patched.
While no financial information has been compromised, Orange is warning customers that the details stolen by the cybercriminals can be used for phishing attacks.
Reuters reports that the hackers breached the platform used by the company to send promotional messages to customers.
The first incident suffered by Orange this year came to light in early February. The attackers penetrated the My Account section of the orange.fr website on January 16. They gained access to the names, mailing addresses, phone numbers and email addresses of 800,000 people.
No passwords or financial data were compromised at the time.
Names, email addresses and phone numbers are not as sensitive as passwords or financial data. However, such information can still be put to good use. The cybercriminals who stole it can use it for targeted phishing attacks or they can sell it on the underground market.