Orange Belgium Data Breach Exposes 850,000 Customer Records
▼ Summary
– Orange Belgium disclosed a breach in July that compromised data of approximately 850,000 customers.
– The attackers accessed customer information including names, phone numbers, SIM details, and tariff plans, but not passwords or financial data.
– The company confirmed this incident is unrelated to global telecom attacks linked to China’s Salt Typhoon group and is part of a separate investigation from Orange Group’s breach.
– Orange Belgium is notifying affected customers and advising vigilance against potential fraud using the stolen information.
– This breach is distinct from Orange Group’s July incident, which primarily disrupted French customers, and follows previous security issues at other Orange subsidiaries.
Orange Belgium, a major telecommunications provider in Belgium and Luxembourg, has confirmed a significant data breach affecting around 850,000 customers. The incident, detected in late July, involved unauthorized access to an internal IT system containing sensitive customer details. While financial data and passwords were not compromised, the exposed information could still be used in targeted phishing and social engineering attacks.
The company, which serves more than three million customers across the region, stated that the breach did not result from the widespread attacks on telecom firms linked to China’s Salt Typhoon cyber-espionage group. An ongoing investigation has identified the threat actors, though their identity has not been publicly disclosed.
According to Orange Belgium, the stolen data includes surnames, first names, telephone numbers, SIM card numbers, PUK codes, and tariff plan details. Although login credentials and payment information remained secure, the company is urging affected customers to stay alert for suspicious communications. Fraudsters may use the stolen personal information to impersonate legitimate organizations and attempt to extract further sensitive data.
All impacted individuals are being notified via email or SMS with guidance on how to protect themselves. The breach is unrelated to a separate cybersecurity incident disclosed by Orange Group in late July, which primarily disrupted services for customers in France.
This is not the first time Orange has faced cybersecurity challenges. Earlier this year, its Romanian division reported a breach involving a non-critical application, leading to the exposure of internal documents and employee data. In 2020, the Orange Business Solutions division suffered a Nefilim ransomware attack that compromised information belonging to twenty enterprise clients.
Orange Group, the parent company, operates across Europe, Africa, and the Middle East, serving nearly 300 million customers. With annual revenues exceeding €40 billion, the telecom giant continues to invest in strengthening its cybersecurity measures in response to evolving digital threats.
(Source: Bleeping Computer)
