Overview
- On July 25 Orange Cyberdefense detected and isolated an intrusion on an internal information system, triggering service outages for business and consumer customers in France.
- As of the morning of July 30, the company has begun gradually restoring the main impacted services under heightened monitoring.
- Investigators have found no evidence of customer or corporate data exfiltration to date but continue to scrutinize the incident.
- Orange alerted data protection authorities within three days under GDPR requirements and filed a formal complaint to initiate an official investigation.
- Although the telecom has not attributed the attack to a specific group, its tactics mirror previous telecom breaches linked to China’s Salt Typhoon operation.