Feeds

Orange suspends extranet after attack

Enable disabled

Security for virtualized datacentres

Orange has had to suspend access to its "Enable" system since last Thursday when it became aware that a third party was trying to access the credit checking and connection management system.

In a statement, Orange said someone tried to get in to the system, which is designed for internal and external sales people. Orange wouldn't be drawn on what data, if any, was compromised. The system is designed to manage customers wanting upgrades or coming to the end of their contract, so it seems likely that the attacker was someone who could gain financially from that information.

The most obvious candidate would be a contract reseller, who wanted to call up Orange customers coming to the end of their contracts. Such companies have, in the past, been reduced to calling people at random in the hope of hitting someone near renewal, so they would certainly be interested in details of customers nearing the end of their contracts, including their eligibility and credit rating, as well as name and number.

So, if you're an Orange customer getting suspicious calls offering you a new contract, let us know.

The Reg understands that new usernames and passwords have been issued to legitimate Enable users, though the system isn't fully operational and Orange says it is still investigating. So don't hold your breath. ®

Secure remote control for conventional and virtual desktops

More from The Register

next story
You! AT&T! The only thing 'unlimited' about you is your CHEEK, growl feds
Man, we did everything but knock on their doors - carrier
The DRUGSTORES DON'T WORK, CVS makes IT WORSE ... for Apple Pay
Goog Wallet apparently also spurned in NFC lockdown
EE launches 150Mbps '4G+' in the heart of London
LTE-A – Faster phones for Hoxton Hipsters
Watch out, Samsung and Apple: Xiaomi's No 3 in smartphones now
From obscurity to selling 19 million mobes a quarter
Brazil greenlights $200m internet cable to Europe in bid to outfox NSA
Only one problem: it won't make the slightest difference. And they know it
Wanna hop carriers with your iPad's Apple SIM? AVOID AT&T
Unless you want your network-swapping tech disabled for good, that is
Knocking Knox: Samsung DENIES vuln claims, says mysterious blogger is a JOKER
But YES, system does store encryption key on the device
prev story

Whitepapers

Choosing cloud Backup services
Demystify how you can address your data protection needs in your small- to medium-sized business and select the best online backup service to meet your needs.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.
Protecting against web application threats using SSL
SSL encryption can protect server‐to‐server communications, client devices, cloud resources, and other endpoints in order to help prevent the risk of data loss and losing customer trust.