Telecoms giant warns customers about potential for dangerous phishing attacks
Telecoms company Orange has admitted data on 1.3 million current and potential customers has been compromised thanks to a successful attack on the firm’s systems.
Names, email addresses, phone numbers and dates of birth were all compromised in an attack that took place in April on a server used to send promotional emails and text messages. Credit card data was not pilfered, according to Reuters.
Orange hacked again
Customers have been informed and have been advised to look out for potential phishing attacks, where the data is used to create emails that trick people into handing over more information.
This is the second breach at Orange within three months. An attack reported in February led to the compromise of 800,000 people’s emails, passwords, addresses and phone numbers.
Orange has also been particularly vocal about data protection, making the breach even more embarrassing.
In November, the company’s chief executive Stephane Richard signed a charter on data protection, promising to keep customer data safe.
“Orange has done the right things following the breaches, but it is worrying that the details of such a large number of customers were apparently unencrypted in the first place,” said Steve Smith, managing director of data security firm Pentura.
“This highlights how critical it is for businesses like retailers and telecoms firms to encrypt the volumes of consumers’ personal data they hold, otherwise it’s a potential goldmine for hackers.”
The past six months have seen many of the world’s most famous companies fall victim to criminal hacks. US retail giants Target and Michaels were both breached, amongst numerous others.
Love IT security? Try our quiz!