Telecom giant Orange refutes hacker group's claim of 4.5TB data theft

A threat group calling itself Babuk claimed that it infiltrated the internal network of telecom giant Orange and stole at least 1 terabyte of confidential data.

 

Recently, Cybernews reported that a fairly new hacker group using the moniker “Babuk” claimed that it breached the internal network of Orange and stole the sensitive personal data of subscribers from the company’s compromised servers.

 

“We will publish 1TB if they do not want to negotiate with us. And there is still a lot more that we stole, the sample is not much,” reads Babuk’s post on the  dark web.

 

The group said it breached Orange’s network on March 16 and stole “all information related to orange.com and orange.ro from Romania.” 

 

Cybernews added that if the threat group is to be believed, then it stole at least 4.5 terabytes of “very detailed” information including email addresses, customer records, source code, internal documents, invoices, contracts, projects, tickets, user data, employee data, messages, credit cards, call logs, and other personally identifiable information.

 

The news outlet reviewed a sample of the stolen data posted by Babuk on the dark web and said the claims “might be credible.”

 

Refuting the claims of the threat group, an Orange spokesperson told TechRadar Pro that the company did not suffer a second breach and that the new claims are a “simple republication” of the previous leak.

 

“According to news published on 16 March, an attacker is claiming to have exfiltrated data related to orange.com and orange.ro. This follows an initial attack claim made public on February 23.

 

“After a detailed analysis, Orange can confirm that there has been no new attack, compromise or ransomware request on the Orange group’s IT systems, including orange.com. This latest publication seems to be a simple republication of a previously published leak concerning Orange Romania,” the spokesperson added.