The telecoms giant warned that customers were going to be affected by its response to the attack, however, it did not disclose the incident itself.
In a statement, the company said: “At this stage of the investigation, there is no evidence to suggest that any customer or Orange data has been extracted. We remain vigilant in this regard.”
The attack took place on Friday 25 July, with the group detecting a cyberattack on its information systems, with Orange Cyberdefense teams mobilising and isolating the potential attack to mitigate the impact.
“However, these isolation operations have resulted in the disruption of certain services and management platforms for some of our corporate customers and some consumer services, primarily in France. Our dedicated teams are fully mobilised to inform and support affected customers,” Orange stated.
“Our teams have identified and are implementing solutions that will allow, under heightened vigilance, the gradual reopening of the main impacted services by Wednesday morning [30 July].
It added that a complaint has been filed and the relevant authorities have been alerted.
“At this stae of the investigation, there is no evidence to suggest that any customer or Orange data has been extracted. We remain vigilant in this regard,” it added.
The attack follows Orange confirming earlier this year that it experienced a separate cyber attack in March.
At the time, a member of the HellCat ransomware group, known as Rey, gained access to a “non-c
Source: https://capacityglobal.com/news/orange-hit-cyberattack/
Orange Cyberdefense cybersecurity rating report: https://www.rankiteo.com/company/orange-cyberdefense
"id": "ORA1764727825",
"linkid": "orange-cyberdefense",
"type": "Cyber Attack",
"date": "8/2025",
"severity": "60",
"impact": "2",
"explanation": "Attack limited on finance or reputation"{'affected_entities': [{'customers_affected': 'Corporate '
'customers and some '
'consumer services',
'industry': 'Telecommunications',
'location': 'France',
'name': 'Orange',
'size': None,
'type': 'Telecoms'}],
'customer_advisories': 'Affected customers informed and '
'supported',
'data_breach': {'data_encryption': None,
'data_exfiltration': 'No evidence of data '
'extraction',
'file_types_exposed': None,
'number_of_records_exposed': None,
'personally_identifiable_information': None,
'sensitivity_of_data': None,
'type_of_data_compromised': None},
'date_detected': '2024-07-25',
'date_resolved': '2024-07-30',
'description': 'Orange detected a cyberattack on its information '
'systems, leading to the isolation of potential '
'threats and disruption of certain services for '
'corporate and consumer customers, primarily in '
'France. No evidence of data extraction was found '
'at the time of the investigation.',
'impact': {'brand_reputation_impact': None,
'conversion_rate_impact': None,
'customer_complaints': None,
'data_compromised': 'No evidence of data extraction',
'downtime': 'Disruption of services until 2024-07-30',
'financial_loss': None,
'identity_theft_risk': None,
'legal_liabilities': None,
'operational_impact': 'Disruption of corporate and '
'consumer services, primarily '
'in France',
'payment_information_risk': None,
'revenue_loss': None,
'systems_affected': 'Information systems, management '
'platforms'},
'initial_access_broker': {'backdoors_established': None,
'data_sold_on_dark_web': None,
'entry_point': None,
'high_value_targets': None,
'reconnaissance_period': None},
'investigation_status': 'Ongoing',
'post_incident_analysis': {'corrective_actions': None,
'root_causes': None},
'ransomware': {'data_encryption': None,
'data_exfiltration': None,
'ransom_demanded': None,
'ransom_paid': None,
'ransomware_strain': None},
'references': [{'date_accessed': None,
'source': 'Orange Statement',
'url': None}],
'regulatory_compliance': {'fines_imposed': None,
'legal_actions': 'Complaint filed',
'regulations_violated': None,
'regulatory_notifications': 'Relevant '
'authorities '
'alerted'},
'response': {'adaptive_behavioral_waf': None,
'communication_strategy': 'Public statement, '
'customer advisories',
'containment_measures': 'Isolation of potential '
'attack, disruption of '
'services',
'enhanced_monitoring': None,
'incident_response_plan_activated': 'Yes',
'law_enforcement_notified': 'Yes',
'network_segmentation': None,
'on_demand_scrubbing_services': None,
'recovery_measures': 'Solutions implemented for '
'service restoration by '
'2024-07-30',
'remediation_measures': 'Gradual reopening of '
'impacted services under '
'heightened vigilance',
'third_party_assistance': None},
'title': 'Cyberattack on Orange Information Systems',
'type': 'Cyberattack'}