Telecommunications company Orange has admitted that a “data leak” exposed the personal information of some 15,000 customers in Belgium to possible hackers. The leak took place two weeks ago, but was only this week revealed to the clients affected.
Orange did not reveal exactly what details had been leaked, but the possibilities include names, addresses and bank account numbers – items in the possession of the company for the payment of bills. The information contained in customers’ phones themselves, such as contacts or the content of text messages, was not exposed.
However the information that was leaked could give scammers enough information to carry out phishing attacks – where the criminal poses as a legitimate company to extract sensitive information. Customers should, a company spokesperson said, “report every attempt at misuse. We have sent out a mail with information on how to avoid identity theft, and there is also an email address where they can send in any questions.”
The company explained the delay in revealing the leak, saying it had take the time to evaluate the extent of the leak and examine the steps to be taken.
“We immediately informed the data protection authorities,” the spokesperson said. “We also had to find out which customers were affected and what information may have been stolen. As soon as we knew, we informed the victims.”
The operator assured its other customers that, if they have not yet received an email, their accounts were not breached.