Cyber Incident Victim: Orange SA

On Friday, 25 July, the Orange Group detected a cyberattack targeting one of its information systems. Upon identification of the attack, the Group's internal security teams immediately began working with Orange Cyberdefense to assess the situation. The joint teams decided to isolate potentially affected services in order to limit the spread of the incident. These isolation measures resulted in disruption to certain management services and platforms used by some Business customers. In addition, a few Consumer services, primarily located in France, experienced intermittent availability issues. The Orange Group promptly informed the affected customers about the service interruptions and began providing assistance. Dedicated support teams remained engaged throughout the incident to address customer inquiries and mitigate inconvenience.

While maintaining heightened vigilance, the Group's teams identified and started implementing solutions designed to restore the compromised systems. The objective was to gradually bring back the main affected services by the morning of Wednesday, 30 July. On Monday, 28 July, the Orange Group filed a formal complaint with the relevant authorities concerning the security incident. The authorities were notified immediately, and Orange committed to close collaboration throughout the investigative process. At the current stage of the investigation, there is no evidence to suggest that any internal or customer data has been exfiltrated. Orange continues to maintain the highest level of vigilance over its information systems to prevent further incidents. For obvious security reasons, the company has stated that it will not provide any further comments on the matter.