Saturday, January 23, 00:56
Home security Orange: The ransomware attack exposed data of our corporate clients

Orange: The ransomware attack exposed data of our corporate clients

Orange confirmed that it had been attacked by ransomware, saying that the data of twenty of its corporate customers had been revealed.

Orange is a French telecommunications company that offers consumer communication services and business services to businesses. With 266 million customers and 148.000 employees, Orange is the fourth largest mobile phone company in Europe.

As part of its service portfolio, Orange Business Services offers business solutions with services such as remote support, virtual workstations, system security and backup in cloud and hosting.

Nefilim ransomware leaks Orange customer data

On July 15, 2020, the ransomware operators behind Nefilim Ransomware reported Orange on their data leak site and stated that they had breached the company through the "Orange Business Solutions" section.

Orange confirmed to BleepingComputer that it was the victim of a ransomware attack targeting the Orange Business Services department on the night of Saturday, July 4, 2020, until July 5.

This attack allowed Nefilim operators to access the data of twenty Orange Pro / SME customers.

"A malware attack was detected by Orange teams during the night of Saturday, July 04, until Sunday, July 05, 2020. Orange teams immediately mobilized to identify the origin of this attack and have implemented all the necessary solutions needed to ensure the security of our systems. According to the initial analysis of security experts, this attack concerned data hosted on one of Neocles IT platforms, "Le Forfait informatique" and no other services have been affected. However, this attack seems to have allowed hackers to access the data of about 20 PRO / SME clients hosted on the platform. Affected customers have already been informed by Orange teams and Orange continues to monitor and investigate this violation. Orange apologizes for the inconvenience. "

Orange's "Le Forfait Informatique" platform allows corporate clients to host virtual workstations in the cloud, while providing external support for these hosted workstations at Orange Business Services.

As part of the leak, a 339MB archive file titled "Orange_leak_part1.rar" was released containing data allegedly stolen from Orange during the attack.

Orange ransomware

Ransom Leaks's Twitter account, which is run by researchers investigating ransomware leaks, said the file contained emails, aircraft designs and files from ATR Aircraft, a French aircraft manufacturer.

These data may indicate that ATR is a customer of Orange's Le Forfait Informatique platform and was stolen during the attack.

Ransomware attacks are data breaches

Since file encryption is not a strong component of ransomware companies targeting companies, all attacks should be considered data breaches.

Almost all ransomware attacks now include a pre-encryption component where intruders steal unencrypted files from the victim.

The threat of publishing these stolen files is the latest to be used as leverage to force victims to pay the ransom.

While Orange did the right thing by informing its customers about the attack, it is equally vital for affected customers to disclose these breaches to customers and their employees their.

Employees are usually the last to learn about these attacks but they are also at great risk as their personal data disclosed or sold to other threat agents.


Please enter your comment!
Please enter your name here

Teo Ehc
Teo Ehc
Be the limited edition.


Intel CPUs Review: Core i7-10700 vs Core i7-10700K!

Over the years, the Intel series of processors (CPUs) introduced the series of overclocking models "K" and more recently the series ...

The DeLorean can return as an electric car

The DMC DeLorean has been out of production for almost 40 years, but it looks like the iconic vehicle will return as an electric car.

Windows RDP servers are used to support DDoS

Cybercrime gangs are abusing Windows Remote Desktop Protocol (RDP) systems to reinforce the unwanted ...

SEPA: He refused to pay a ransom and thousands of files were leaked

Thousands of stolen files of the Scottish Environmental Protection Agency (SEPA) have been published by hackers, after the organization refused to pay the ransom ...

Fines at Valve, Capcom and Zenimax for geo-exclusion of games

Following a European Commission investigation, a group of video game publishers was fined € 7,8 million following allegations of geo-exclusion practices. In...

Bitcoin helps the middle class survive the pandemic

Regulators still imply that Bitcoin is just a tool for criminals, but it seems that for the middle class ...

Lightworks 2021.1 for Linux, Mac and Windows has been released

Lightworks Professional Multi-Platform Video Editing Software received the first major update to Lightworks 2021.1 for Windows, Linux and Mac.

Netflix: Watch the 9 best Anime movies of all time

One of the good things about the pandemic was that many people were introduced to the anime world. And the issue with anime is ...

CHwapi: Windows BitLocker "hit" the Belgian hospital!

The CHwapi hospital in Belgium was attacked by a cyber attack on January 17, with hackers claiming to have encrypted 40 servers and 100 ...

CPU / GPU Lotteries: Newegg sells the few on the market

Hardware shortages are not uncommon, but the pandemic has worsened the situation. The whole planet is closed to ...