Orange Belgium has confirmed that a cyberattack in July compromised data belonging to approximately 850,000 customer accounts. The company disclosed the incident on August 20, stating that it acted swiftly once the breach was detected to contain the intrusion, notify regulators, and alert impacted users.
Scope of the Breach
The telecom operator said it identified the attack in late July and activated its incident response plan immediately. According to the company, the hackers accessed specific customer data, including names, phone numbers, SIM card numbers, PUK codes, and tariff plans.
Orange Belgium stressed that certain sensitive details such as addresses, email accounts, financial information, and passwords were not exposed during the breach. This limits some of the potential risks but still leaves affected users vulnerable to targeted attacks, particularly those involving SIM-related exploits and phishing campaigns.
“As soon as the incident was detected, our teams blocked access to the affected system and tightened our security measures,” the company explained in its official notice. Orange Belgium also confirmed that it filed an official complaint with judicial authorities and has kept national regulators informed.
Customer Notifications and Protective Measures
The company has already reached out to customers impacted by the incident via SMS and email. In its communications, Orange Belgium urged individuals to remain cautious of phishing attempts, fraudulent text messages, and other social engineering tactics that could leverage the stolen data.
While no financial data was exposed, the compromised SIM and PUK codes raise specific security concerns. Attackers could potentially attempt SIM swap fraud, a technique where criminals transfer a victim’s mobile number to another SIM card to intercept calls, messages, and authentication codes. By notifying customers quickly, Orange Belgium aims to reduce the risk of these secondary attacks.
Relation to Other Orange Group Incidents
The breach in Belgium occurred close to the July 25 cyberattack on Orange Group in France, which disrupted certain management services and platforms for both business and consumer clients. Orange Group reported at the time that no customer data had been exposed in the French incident.
Both Orange and Orange Belgium have clarified that the two cyberattacks are not connected. However, the close timing highlights the broader challenges facing telecom providers, which continue to be high-value targets for threat actors due to the scale and sensitivity of the data they manage.
Hacker Group Claims and Ongoing Investigation
While Orange Belgium has not disclosed the name of the group behind the breach, it confirmed that it has identified the attackers. The company did not provide further details, citing the ongoing investigation.
Separately, a ransomware group calling itself WarLock has claimed responsibility for stealing data from Orange. The group published samples online, though those files appeared tied to the French incident rather than the Belgian case. Orange Belgium has not linked its breach to WarLock and continues to withhold attribution until its investigation is complete.
Industry Context and Cybersecurity Lessons
Incidents like the one impacting Orange Belgium underscore the importance of robust cybersecurity defenses in the telecom industry. Telecom operators manage large volumes of customer data, making them prime targets for both criminal groups and ransomware gangs. Even when financial data is not compromised, access to SIM information and identifiers can still expose users to fraud and identity theft.
The breach reinforces several key lessons for both companies and customers:
1. Proactive Detection:
Rapid identification and containment of breaches remain essential to limit the scope of exposure.
2. Customer Education:
Promptly informing customers and guiding them on phishing risks can help reduce the likelihood of secondary exploitation.
3. Layered Security:
Beyond perimeter defenses, telecoms must deploy strong internal monitoring and response capabilities to secure systems at scale.
As investigations continue, Orange Belgium has emphasized that the “heart of its security strategy remains protecting customers” while it works to strengthen defenses. For businesses and consumers alike, the incident serves as a reminder of the persistent threats facing digital infrastructure and the need for constant vigilance.
