According to the threat actor, who uses the alias Rey and is a member of the HellCat ransomware group, the stolen data is mostly from the Romanian branch of the company and includes 380,000 unique email addresses, source code, invoices, contracts, customer and employee information. A hacker claims to have stolen thousands of internal documents with user records and employee data after breaching the systems of Orange Group, a leading French telecommunications operator and digital service provider. Some samples shared with BleepingComputer show email addresses from former and current Orange Romania employees, partners, and contractors, along with partial details for payment cards belonging to Romanian customers. Rey told us they breached Orange independently but they are part of the HellCat ransomware group, which has claimed attacks on Schneider Electric and Spanish telecommunications company Telefónica. "Orange can confirm that our operations in Romania have been the target of a cyberattack," a company representative told BleepingComputer. The threat actor published on a hacker forum details about the stolen data after trying to extort the company unsuccessfully. BleepingComputer reached out to both Orange Group with a request for comment and the company said they were looking into the matter. While Orange Romania did not reply with an official statement, an Orange spokesperson told us that they've been discussing internally on the incident and the steps to mitigate it. The leak also contains email addresses and names of Yoxo customers, Orange's subscription service with no contract period.
This Cyber News was published on www.bleepingcomputer.com. Publication date: Tue, 25 Feb 2025 11:06:00 +0000