Orange Belgium

Orange Belgium disclosed a cyberattack discovered in late July 2024, compromising data from 850,000 customer accounts. The breach exposed non-critical but sensitive personal information, including names, first names, telephone numbers, SIM card numbers, and PUK (Personal Unblocking Key) codes—8-digit security codes used to unblock SIM cards. The company confirmed that no passwords, email addresses, banking, or financial details were accessed. Upon detection, Orange Belgium blocked access to the affected system, reinforced security measures, and notified relevant authorities, filing an official complaint. Customers were alerted via email and SMS, with warnings to stay vigilant against potential phishing attempts via a dedicated webpage. The attack’s connection to a prior incident at parent company Orange Group (detected on July 25, with no confirmed customer data extraction) remains unconfirmed. The nature of the attack (e.g., method, perpetrator) was not disclosed.

Source: https://therecord.media/belgian-telecom-says-cyberattack-compromised-data-on-850000

TPRM report: https://www.rankiteo.com/company/orange

"id": "ora529082025",
"linkid": "orange",
"type": "Breach",
"date": "7/2024",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"

{'affected_entities': [{'customers_affected': '850,000',
                        'industry': 'Telecommunications',
                        'location': 'Belgium',
                        'name': 'Orange Belgium',
                        'type': 'Telecommunications Provider'}],
 'customer_advisories': ['Warning about potential phishing attempts',
                         'Dedicated web page for guidance'],
 'data_breach': {'data_exfiltration': True,
                 'number_of_records_exposed': '850,000',
                 'personally_identifiable_information': ['Names',
                                                         'Telephone numbers'],
                 'sensitivity_of_data': 'Moderate (no critical data like '
                                        'passwords or financial details, but '
                                        'PUK codes are sensitive)',
                 'type_of_data_compromised': ['Personal data (names, telephone '
                                              'numbers)',
                                              'SIM-related data (SIM card '
                                              'numbers, PUK codes)',
                                              'Service data (tariff plans)']},
 'date_detected': 'Late July 2023 (exact date unspecified)',
 'date_publicly_disclosed': 'Wednesday, August 2, 2023 (approximate, based on '
                            'announcement timing)',
 'description': 'Orange Belgium announced a cyberattack discovered at the end '
                'of July 2023 that compromised data from 850,000 customer '
                'accounts. The hacker accessed an IT system containing '
                'non-critical customer data, including names, telephone '
                'numbers, SIM card numbers, PUK codes, and tariff plans. The '
                'company blocked access to the affected system, strengthened '
                'security measures, and alerted authorities. Customers were '
                'notified via email and text message and advised to watch for '
                'phishing attempts.',
 'impact': {'brand_reputation_impact': 'Potential risk due to exposure of '
                                       'customer data and phishing warnings',
            'data_compromised': ['Customer names (first and last)',
                                 'Telephone numbers',
                                 'SIM card numbers',
                                 'PUK (Personal Unblocking Key) codes',
                                 'Tariff plans'],
            'identity_theft_risk': 'Low (no critical data like passwords, '
                                   'emails, or financial details compromised, '
                                   'but PUK codes could enable SIM swapping)',
            'payment_information_risk': 'None (no banking or financial details '
                                        'exposed)',
            'systems_affected': ['An IT system containing customer data']},
 'investigation_status': 'Ongoing (no updates on root cause or relation to '
                         'Orange Group incident)',
 'post_incident_analysis': {'corrective_actions': ['Strengthened security '
                                                   'measures (unspecified)']},
 'recommendations': ['Customers advised to monitor for phishing attempts',
                     'Company likely reviewing access controls and system '
                     'segmentation'],
 'references': [{'date_accessed': 'August 2023',
                 'source': 'Orange Belgium Public Statement'}],
 'regulatory_compliance': {'legal_actions': ['Official complaint filed with '
                                             'judicial authorities'],
                           'regulatory_notifications': ['Relevant authorities '
                                                        'alerted']},
 'response': {'communication_strategy': ['Public statement',
                                         'Customer notifications via email and '
                                         'text message',
                                         'Dedicated web page for phishing '
                                         'awareness'],
              'containment_measures': ['Blocked access to the affected system'],
              'incident_response_plan_activated': True,
              'law_enforcement_notified': True,
              'remediation_measures': ['Strengthened security measures']},
 'stakeholder_advisories': ['Customers notified via email and text message'],
 'title': 'Orange Belgium Cyberattack Compromising Customer Data',
 'type': 'Data Breach'}