French telecom operator Orange Group reports breach of Romanian subsidiary
Learn More
Orange Group, a leading French telecommunications operator and digital service provider, has confirmed a security breach targeting its Romanian operations.
The incident was exposed after a hacker using the alias "Rey," a self-identified member of the HellCat ransomware group, published details about the stolen data on a hacker forum following an unsuccessful extortion attempt.
According to the threat actor, they had access to Orange's systems for over a month before beginning to exfiltrate company data. Rey claims to have stolen nearly 12,000 files totaling close to 6.5GB after compromising Orange's systems by exploiting compromised credentials and vulnerabilities in the company's Jira software for bug/issue tracking and internal portals.
The stolen data reportedly includes:
- 380,000 unique email addresses,
- source code,
- invoices,
- contracts,
- customer and employee information primarily from the Romanian branch of the company.
Sample data revealed email addresses from former and current Orange Romania employees, partners, and contractors, along with partial details for payment cards belonging to Romanian customers. Some of the leaked information is outdated, including email addresses from individuals who worked with Orange Romania more than five years ago and expired payment card information.
Orange has confirmed the breach and emphasized that there has been "no impact on customers' operations, and the breach was found to occur on a non-critical back office application. Their cybersecurity and IT teams are working to assess the extent of the breach and minimize its impact.
