& cplSiteName &

Orange France Hacked

Ray Le Maistre
5/8/2014
50%
50%

The personal details of about 1.3 million Orange France customers were stolen by hackers in April, the operator has admitted.

Details including the name, date of birth, fixed and mobile numbers, and email addresses (but not bank details) were stolen in a security breach that was discovered on April 18. The operator has warned that the information stolen could be used in phishing attacks on customers whose details were compromised.

Orange France admitted earlier this year that the personal information of about 800,000 customers was stolen during January.

The data breach highlights the constant struggle that operators face to keep their customers' data secure, a struggle that will be discussed at the upcoming Mobile Network Security Strategies conference in London, which will take place on May 21 at The Thistle Marble Arch hotel.

Patrick Donegan, Heavy Reading senior analyst and mobile network security expert who is hosting the conference, says operators need to consider their levels of investment in security systems, especially as they deploy new networks.

"Information security has always been a strong differentiator for telcos," says Donegan. "In the all-IP networking era, telcos need to increase investment in their own internal security processes as well as their network defenses. It's critical for telcos that their customers understand that they are their most trusted ally in the battle against attacks on private information, no matter who or where they come from."

That trust will come under increasing scrutiny, though, if such breaches become more commonplace. Ironically, Orange only recently conducted a survey which found that consumers are becoming increasingly concerned about the data being stored about them by third-party organizations such as communications service providers, handset manufacturers, and social media networks. (See Euronews: Consumers Freak Out Over Data Security.)

That concern will only increase if operators fail to tell their customers of such security breaches in a timely fashion.

George Anderson, a director at security technology specialist Webroot Software Inc. , is surprised by "the length of time between the attack happening and it becoming public knowledge -- almost three weeks -- especially as the data stolen is ideal for phishing subscribers using email, SMS and phone calls. Most phishing sites are 'live' for just a few hours and the phishing attack is often indistinguishable from genuine communications and requests. That's why it's vital that Orange France customers, the potential victims, are made aware of any threat to them immediately," said Anderson in comments emailed to Light Reading.

— Ray Le Maistre, Circle me on Google+ Follow me on TwitterVisit my LinkedIn profile, Editor-in-Chief, Light Reading


Want to learn more about this topic? Check out the agenda for Mobile Network Security Strategies, which will take place on May 21 at The Thistle Marble Arch hotel in London. For more on the event, including the stellar service provider speaker line-up, see the event's official site.


(7)  | 
Comment  | 
Print  | 
Newest First  |  Oldest First  |  Threaded View        ADD A COMMENT
DOShea
50%
50%
DOShea,
User Rank: Blogger
5/11/2014 | 5:08:20 PM
Re: slow reaction time
Breaches like this will hopefull force operators to really tell customers how they protect their data throughout the value chain. Everyone claims high levels of security, and customers don't really know from one carrier to the next the different approaches that are being taken.
MordyK
50%
50%
MordyK,
User Rank: Light Sabre
5/9/2014 | 2:33:31 PM
Re: Value of data
The market bears me out :)
Sarah Thomas
50%
50%
Sarah Thomas,
User Rank: Blogger
5/9/2014 | 2:13:49 PM
Re: slow reaction time
I think it requires protective measures at every step of the value chain from the network to the web to end user devices. Right now, there are a lot of holes where things can go wrong.
Sarah Thomas
50%
50%
Sarah Thomas,
User Rank: Blogger
5/9/2014 | 2:12:55 PM
Re: Value of data
ha, so cybercriminals are better at big-data analytics than operators? Not too far off...
MordyK
50%
50%
MordyK,
User Rank: Light Sabre
5/8/2014 | 9:33:14 PM
Value of data
The joke is that while carrier's bsaically don't recognise the data's potential, hacker's recognise the locked up value and make attempts to get at it.

The upside of this is that business work on market economics, so attempts at getting this data highlight its potential value opportunity. 
danielcawrey
50%
50%
danielcawrey,
User Rank: Light Sabre
5/8/2014 | 2:29:36 PM
Re: slow reaction time
Phishing and other types of social hacking are becoming a major problem. I am hoping that sometime soon we can come to a consensus on the web for digital identities to thwart this growing problem. 

The issue is that there are almost a byzantine array of solutions being developed. Two-auth is a nice stepping stone, but then you get into biometrics that can open up a host of issues that have never been considered. 
Sarah Thomas
50%
50%
Sarah Thomas,
User Rank: Blogger
5/8/2014 | 12:55:07 PM
slow reaction time
Wow, it would seem that time is of the essence in any security breach like this so that customers can take necessary precautions to protect their identities. Is Orange advising them on what to do now, or is it too late?
Featured Video
From The Founder
Light Reading founder Steve Saunders grills Cisco's Roland Acra on how he's bringing automation to life inside the data center.
Flash Poll
Upcoming Live Events
March 20-22, 2018, Denver Marriott Tech Center
March 22, 2018, Denver, Colorado | Denver Marriott Tech Center
March 28, 2018, Kansas City Convention Center
April 4, 2018, The Westin Dallas Downtown, Dallas
April 9, 2018, Las Vegas Convention Center
May 14-16, 2018, Austin Convention Center
September 25-27, 2018, Denver, Colorado
October 23, 2018, Georgia World Congress Centre, Atlanta, GA
November 8, 2018, The Montcalm by Marble Arch, London
November 15, 2018, The Westin Times Square, New York
December 4-6, 2018, Lisbon, Portugal
All Upcoming Live Events
Hot Topics
Trump Says Foxconn Will Make iPhones in US
Dan Jones, Mobile Editor, 1/15/2018
Net Neutrality Moves Are as Futile as Trump's Comb-Over
Iain Morris, News Editor, 1/18/2018
Huawei, ZTE Face US Federal Ban
Iain Morris, News Editor, 1/15/2018
Analyst: Verizon's Fixed 5G Is a Loss Leader for Mobile
Dan Jones, Mobile Editor, 1/16/2018
Ericsson Lurches to $1.8B Write-Down
Iain Morris, News Editor, 1/16/2018
Animals with Phones
Live Digital Audio

A CSP's digital transformation involves so much more than technology. Crucial – and often most challenging – is the cultural transformation that goes along with it. As Sigma's Chief Technology Officer, Catherine Michel has extensive experience with technology as she leads the company's entire product portfolio and strategy. But she's also no stranger to merging technology and culture, having taken a company — Tribold — from inception to acquisition (by Sigma in 2013), and she continues to advise service providers on how to drive their own transformations. This impressive female leader and vocal advocate for other women in the industry will join Women in Comms for a live radio show to discuss all things digital transformation, including the cultural transformation that goes along with it.

Like Us on Facebook
Twitter Feed