Orange discloses security incident: no customer data stolen

French telecom corporation Orange Group detected a cyberattack on one of its information systems, but no customer data was exfiltrated.

The unauthorized access was detected on Friday, July 25th, 2025. In collaboration with Orange Cyberdefense, potentially affected devices were taken offline to minimize the impact of the incident.

Isolating these systems disrupted a small number of management services and platforms for Orange’s business customers and consumer services, primarily located in France. As we speak, affected customers are actively being informed about the incident.

“Our teams have identified and are currently implementing solutions that, while under heightened vigilance, will allow the [Orange] Group to gradually restore the main affected services by the morning of Wednesday, 30th July,” the company said in a press release that was published on Monday.

In addition, Orange has notified the relevant authorities and filed a formal complaint with French law enforcement agencies. Orange states that all parties are collaborating closely to determine the scope and the impact of the incident.

According to the Issy-les-Moulineaux-based telecommunications company, there’s no evidence at the time that any internal or customer data has been exfiltrated. But to be sure, the company continues to be vigilant.

This is the second time this year that Orange has had to deal with hackers. Back in February 2025, a threat actor called “Rey” claimed that he had accessed Orange’s corporate network and stolen almost 12,000 files, for a total of 6.5GB.

The documents contained information from former and current Orange Romania employees, partners, and contractors, along with partial details for payment cards belonging to Romanian customers.

“We took immediate action, and our top priority remains protecting the data and interests of our employees, customers, and partners. There has been no impact on customers’ operations, and the breach was found to occur on a non-critical back office application,” a company spokesperson stated at the time.