Orange Group, a telecom services provider based in France, has confirmed that one of its internal systems at its Romanian branch was breached by a cyber attacker identified as “Rey,” an individual reportedly associated with the HellCat ransomware group. The breach has resulted in the exposure of over 380,000 email addresses and other sensitive data.
Upon further investigation, Orange clarified that the attack was limited to a back-office application, ensuring that customer-facing services and data remained unaffected. This is a crucial detail, as it highlights that no customer transactions, services, or other sensitive information were compromised during the attack.
While the data breach has been attributed to a lesser-known hacking group, the exact scale of the leak is still under review. Early reports indicate that the attacker managed to siphon off more than 12,000 files, totaling over 6.5GB of data. Among the compromised files were payment card details, subscription information for contractor Yoxo, partner data, and employee records.
At this stage, there is still uncertainty surrounding whether the attack was carried out by the HellCat ransomware group itself, or if it was the work of Rey, a figure who may be operating independently, separate from the larger cybercrime collective. Some sources in the cybersecurity community are skeptical about the HellCat group’s involvement, particularly after a recent statement surfaced on a Telegram channel. According to the post, if HellCat were behind the attack, it likely would have claimed responsibility, as it did in previous high-profile incidents like those involving Telefonica and Schneider Electric.
Interestingly, this breach follows a similar cyber incident reported by Orange Spain just last week. The company has promised to provide additional details in the near future, further suggesting that the telecom sector may be facing heightened cyber threats.
This incident serves as a stark reminder of the vulnerability of telecom companies, which often hold vast amounts of personal and financial data. As cybercriminals increasingly target data-intensive industries, the telecom sector remains a prime target for malicious actors seeking valuable information.
Ad
Join over 500,000 cybersecurity professionals in our LinkedIn group “Information Security Community”!