TELECOMS firm Orange has warned its customers about a hack on its systems that dangled their personal data in harms way.
While no credit or debit card was lost, other information has been taken. Orange said that its users should be wary.
“On 18 April, Orange identified an illegitimate access on a technical mailing and SMS platform, which it uses for its commercial campaigns in France. This access entailed the copy of a limited amount of personal data concerning certain customers and identified prospective customers,” it said.
“For the people concerned, the data recovered includes their first names and surnames. In addition, depending on the information supplied, e-mail addresses, mobile and fixed-line phone numbers, the identity of the person’s internet operator and their date of birth, were also recovered.”
The information related to 1.3 million punters, and both current and potential customers. It is possible that the number of potentials will fall after this, as it is Orange’s second hack in recent times.
“Orange must have something of a red face right now, as it has found itself in the embarrassing position of admitting that hackers have made away with customer information for the second time this year,” commented security watcher Graham Cluley.
To massively misquote Oscar Wilde: “To lose your customers’ data once may be regarded as a misfortune; to lose it twice begins to look like carelessness.”
In February Orange confessed to a customer data takeaway that affected some 800,000 of its French users. Then, as now, Orange said that financial data was untouched.
Orange is not the only firm to ever lose customer data through a hack and this year US retail chain target parted with both the details of hundreds of millions of its users and its CIO.
“To ensure that Target is well positioned following the data breach we suffered last year, we are undertaking an overhaul of our information security and compliance structure and practices at Target,”said the firm in March.
“As a first step in this effort, Target will be conducting an external search for an interim CIO who can help guide Target through this transformation.”
Orange said that it has notified everyone who might be affected, and is working to limit any “new illegitimate access” to the data.