Orange Cyberdefense victim of a major customer data leak

Orange Cyberdefensethe cybersecurity subsidiary ofOrangewas affected by a leak of data more than a hundred customers. An act that has not been claimed, but which could have significant consequences. Most affected customers are IT managers within companies, whose surnames, first names, telephone numbers and e-mail addresses were published online this Sunday, September 4.

Hundreds of customers impacted

These personal data were disseminated in the form of an archive on a infamous cybercriminal forumreported The world which is one of the customers of Orange Cyberdefense. According to the person who published the document, it contains the personal data of more than 1,584 customers. This information was however contradicted by the victim of the leak, who specified that the number of customers affected would be around a hundred.

In the message that accompanies the file posted on the forum, its author writes that “ access to their servers is also for sale “. It does not give more details, but if these facts are proven, the stakes in terms of cybersecurity would be all the more substantial. The people affected are the customers of the cybersecurity solution Micro-SOC Endpoint. A service designed to detect and prevent threats in corporate workstations and servers.

Data can be used for phishing

Orange Cyberdefense contacted the customers affected by the leak on Monday, September 5 and confirmed the publication on a specialized forum of a file containing personal data relating to a few hundred French customers of the Micro-SOC serviceā€. However, the origin of the leak has not been communicated, but the company claims to be in the process of investigate to better understand the situation.

The disclosed data could be used by third parties to carry out phishing operations pretending to be IT managers. The consequences of this type of malicious operation can be serious. According to a study conducted by IBM in 2022, phishing is the costliest attack for businesses.

The world specifies that health establishments are among the organizations affected by the leak. In France, hospitals are regularly victims of cyberattacksto the point that 733 establishments were impacted by security incidents in 2021. At the end of August, the government allocated 20 million dollars for ensure cybersecurity of the medical sector.

Leave a Comment

Your email address will not be published.