Feeds

Orange suspends extranet after attack

Enable disabled

Application security programs and practises

Orange has had to suspend access to its "Enable" system since last Thursday when it became aware that a third party was trying to access the credit checking and connection management system.

In a statement, Orange said someone tried to get in to the system, which is designed for internal and external sales people. Orange wouldn't be drawn on what data, if any, was compromised. The system is designed to manage customers wanting upgrades or coming to the end of their contract, so it seems likely that the attacker was someone who could gain financially from that information.

The most obvious candidate would be a contract reseller, who wanted to call up Orange customers coming to the end of their contracts. Such companies have, in the past, been reduced to calling people at random in the hope of hitting someone near renewal, so they would certainly be interested in details of customers nearing the end of their contracts, including their eligibility and credit rating, as well as name and number.

So, if you're an Orange customer getting suspicious calls offering you a new contract, let us know.

The Reg understands that new usernames and passwords have been issued to legitimate Enable users, though the system isn't fully operational and Orange says it is still investigating. So don't hold your breath. ®

HP ProLiant Gen8: Integrated lifecycle automation

More from The Register

next story
Google Nest, ARM, Samsung pull out Thread to strangle ZigBee
But there's a flaw in Google's IP-based IoT system
Want to beat Verizon's slow Netflix? Get a VPN
Exec finds stream speed climbs when smuggled out
Rural mobile coverage: Tweeting twits to join chirping tits in UK's national parks
Yup, someone IS gabbering behind you on the hiking trail
US freemium mobile network eyes up Europe
FreedomPop touts 'free' calls, texts and data
'Two-speed internet' storm turns FCC.gov into zero-speed website
Deadline for comments on net neutrality shake-up extended to Friday
NBN Co execs: No FTTN product until 2015
Faster? Not yet. Cheaper? No data
Oh girl, you jus' didn't: Level 3 slaps Verizon in Netflix throttle blowup
Just hook us up to more 10Gbps ports, backbone biz yells in tit-for-tat spat
prev story

Whitepapers

Top three mobile application threats
Prevent sensitive data leakage over insecure channels or stolen mobile devices.
The Essential Guide to IT Transformation
ServiceNow discusses three IT transformations that can help CIO's automate IT services to transform IT and the enterprise.
Mobile application security vulnerability report
The alarming realities regarding the sheer number of applications vulnerable to attack, and the most common and easily addressable vulnerability errors.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Consolidation: the foundation for IT and business transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.