Orange Belgium has confirmed a data breach affecting approximately 850,000 customer accounts after detecting unauthorized access to one of its IT systems in late July 2025.
The incident did not compromise highly sensitive data such as passwords, email addresses, or banking information, but it did expose personal details, including names, phone numbers, SIM card numbers, PUK codes, and tariff plans.
The breach was identified by Orange Belgium's internal security teams, who quickly blocked access to the compromised system and escalated the matter to both regulatory and judicial authorities. The company has since implemented additional security measures and has begun notifying affected users via SMS and email.
Founded as part of the global Orange Group, Orange Belgium is one of the country's major telecom operators, providing mobile, internet, and TV services to millions of subscribers. While it operates independently, it shares brand identity and infrastructure partnerships with other Orange entities across Europe, including Orange France, which recently experienced its own cyberattack affecting enterprise services.
In Orange Belgium's case, attackers accessed a backend IT system that stored customer metadata. This is data that, while not financially sensitive on its own, could be exploited in social engineering campaigns. Specifically, the inclusion of PUK codes and SIM card numbers raises concern over the risk of SIM swap fraud, though the company has stated that enhanced verification processes have been put in place to prevent such attacks. These include new identity checks and the introduction of security questions not based on the breached data.
The company emphasized that the breach had no impact on service availability, and all affected lines remain operational. A dedicated support line has been set up for concerned customers, and a FAQ page offers further details and precautionary steps.
Orange Belgium has also confirmed that the compromised data cannot be used to request SIM replacements or make unauthorized changes to customer accounts under the new security protocols. Nevertheless, the company is urging users to remain cautious of potential phishing attempts, particularly fraudulent messages pretending to come from Orange or related service providers.
The timing of the breach is notable, occurring just weeks after Orange France and Bouygues Telecom, two of the largest telecom operators in France, also reported cyber incidents. In Orange France's case, the attack disrupted business services but reportedly did not result in data exfiltration. Bouygues, however, suffered a more severe breach involving personal and banking information tied to over 6 million customers.
The clustering of these incidents raises questions about whether European telecoms are being targeted in a coordinated campaign, as previously seen in the United States with the “Salt Typhoon” attacks attributed to Chinese state-sponsored actors. Orange Belgium has not released any information about the perpetrators, deciding to withhold technical details and maintain investigative confidentiality.
Leave a Reply