Orange Business Company Cyber Security Posture
orange-business.comAt Orange Business, our ambition is to become the leading European Network and Digital Integrator byย leveraging ourย proven expertise in next-generation connectivity solutions, the cloud and cybersecurity. Our 30,000 women and men are present in 65 countries, where every voice counts. Together, we are driven by the same determination and the same team spirit, to build the digital solutions of today and tomorrow and create a positive impact for our customers, for their employees and for the planet. We offer exciting opportunities through innovative projects in data and digital, cloud, AI, cybersecurity, IoT, or digital workspace and big data. Join us and be part of this adventure!
Orange Business Company Details
orange-business-services
26939 employees
828468.0
541
IT Services and IT Consulting
orange-business.com
Scan still pending
ORA_1601781
In-progress
Orange Business Risk Score (AI oriented)Between 900 and 1000
This score is AI-generated and less favored by cyber insurers, who prefer the TPRM score.
Orange Business Global Score.png)
Orange Business Company Scoring based on AI Models
| Model Name | Date | Description | Current Score Difference | Score |
|---|---|---|---|---|
| AVERAGE-Industry | 03-12-2025 | This score represents the average cybersecurity rating of companies already scanned within the same industry. It provides a benchmark to compare an individual company's security posture against its industry peers. | N/A | Between 900 and 1000 |
Orange Business Company Cyber Security News & History
| Entity | Type | Severity | Impact | Seen | Url ID | Details | View |
|---|---|---|---|---|---|---|---|
| Orange | Cyber Attack | 100 | 6 | 03/2022 | ORA2548322 | Link | |
Rankiteo Explanation : Attack threatening the economy of a geographical regionDescription: The cyber attackers targeted Orange and its subsidiary internet provider Nordnet in France. The cyberattack affected thousands of internet users across Europe amid the Ukraine-Russia war. Nearly 9,000 subscribers were affected by this internet outage. | |||||||
| Orange | Ransomware | 80 | 4 | 07/2020 | ORA2911822 | Link | |
Rankiteo Explanation : Attack with significant impact with customers data leaksDescription: French telecommunications company Orange S.A.was targeted by a Nefilim ransomware group which resulted in data loss. The company's security team was mobilized to identify the origin of the attack and put in place all necessary solutions required to ensure the security of its systems. The data from about 20 customers on its virtual hosting service was accessed by those behind the ransomware attack. | |||||||
| Orange Cyberdefense | Breach | 100 | 5 | 09/2022 | ORA2131141122 | Link | |
Rankiteo Explanation : Attack threatening the organization's existenceDescription: Orange Cyberdefense apparently suffered a data breach incident after a popular forum offered data allegedly from their firm. Data in the sample included Contact Name, Email, Phone Number, Company Name, and Solution Name. The listing also offered to sell access to Orange Cyberdefenseโs servers. | |||||||
| Orange | Cyber Attack | 60 | 2 | 01/2024 | ORA214221124 | Link | |
Rankiteo Explanation : Attack limited on finance or reputationDescription: An unknown number of consumers were unable to access specific websites as a result of a hack that targeted Orange's Spanish business, a telecom operator. Orange successfully identified and neutralised the majority of the unauthorised access to its IP network coordination centre. The French corporation said that there was no risk to client data in a message posted on the social networking platform X. | |||||||
| Orange | Ransomware | 100 | 4 | 3/2025 | ORA625031825 | Link | |
Rankiteo Explanation : Attack with significant impact with customers data leaksDescription: Major telecommunications provider Orange suffered a severe security breach by the Babuk ransomware gang, resulting in the theft of 4.5 TB of sensitive data. The compromised data includes customer records, email addresses, user data, source code, invoices, internal documents, contracts, employee details, credit cards, messages, call logs, and other personal information. This cyberattack has put both customers and the company at significant risk, impacting the confidentiality, integrity, and availability of valuable data. | |||||||
Orange Business Company Subsidiaries
At Orange Business, our ambition is to become the leading European Network and Digital Integrator byย leveraging ourย proven expertise in next-generation connectivity solutions, the cloud and cybersecurity. Our 30,000 women and men are present in 65 countries, where every voice counts. Together, we are driven by the same determination and the same team spirit, to build the digital solutions of today and tomorrow and create a positive impact for our customers, for their employees and for the planet. We offer exciting opportunities through innovative projects in data and digital, cloud, AI, cybersecurity, IoT, or digital workspace and big data. Join us and be part of this adventure!
Access Data Using Our API
Get company history
Rapid.png)
Orange Business Cyber Security News
Orange Business creates defense, homeland security division
Orange's new Defense & Security Division aims to accelerate the digital transformation of ministries, operators and companies in France.
โHigh stakes sovereigntyโ โ Orange Business intros new defense and security unit
Orange Business has launched a new security division to deliver sovereign, resilient infrastructure to France's defense sector, offering 5G,ย ...
Orange Business attacks defence sector
Orange Business, the enterprise services division of France's Orange Group, has formed a new, dedicated unit to โsupport defence and securityย ...
Orange Quantum Defender: Cybersecurity in France
"We are thrilled to launch Orange Quantum Defender โ a first-of-its kind service in France. This is a significant step in the Orange multi-layerย ...
Orange Business zones in on defence and security with dedicated unit
The new Defence & Security Division aims to tap into group expertise in AI, cybersecurity, and quantum computing to support these โcomplexย ...
Orange Business casts itself as defender against quantum hackers
Orange Business launches Orange Quantum Defender as part of its efforts to help companies prepare against cyber threats caused by expected quantum computingย ...
Orange Business announces new cyberdefense initiative
Orange Business has revealed a new specialised division focused on defence and homeland security. This division aims to bring togetherย ...
Orange Business, SITA put AI into air transport
Orange Business explained the arrangement would boost the global air transport sector by providing SITA with solid networks.
Dominic, Director of Strategy and Alliances โCybersecurity isnโt just about hacking or technical rolesโ
Dominic is the Director of Strategy and Alliances at Orange Cyberdefense in the United Kingdom. He introduces his role and shares the reasons that led himย ...
Orange Business Similar Companies
GlobalLogic Latinoamโยฉrica
GlobalLogic, una empresa del grupo Hitachi, es lโโ der en ingenierโโ a digital en Latinoamโยฉrica. Ayudamos a diferentes marcas a diseโยฑar y crear productos, plataformas y experiencias digitales innovadoras para el mundo moderno. Al integrar el diseโยฑo de experiencia, la ingenierโโ a compleja y la exper
Accenture in India
Accenture is a global professional services company with leading capabilities in digital, cloud and security. Combining unmatched experience and specialized skills across more than 40 industries, we offer Strategy and Consulting, Interactive, Technology and Operations services โ all powered by the w
NTT DATA
NTT DATA โ a part of NTT Group โ is a trusted global innovator of IT and business services headquartered in Tokyo. We help clients transform through consulting, industry solutions, business process services, digital & IT modernization and managed services. NTT DATA enables them, as well as society,
FPT Software
FPT Software, a subsidiary of FPT Corporation, is a global technology and IT services provider headquartered in Vietnam, with USD 1.22 billion in revenue (2024) and over 33,000 employees in 30 countries. The company champions complex business opportunities and challenges with its world-class servic
Sopra Steria
Sopra Steria, a major Tech player in Europe with 51,000 employees in nearly 30 countries, is recognised for its consulting, digital services and solutions. It helps its clients drive their digital transformation and obtain tangible and sustainable benefits. The Group provides end-to-end solutions to
Samsung SDS
Samsung SDS provides cloud computing and digital logistics services. We build an optimized cloud environment with Samsung Cloud Platform specialized for businesses, provide all-in-one management service based on 38 years of expertise in each industry, and boost work efficiency and customer service w
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
Orange Business CyberSecurity History Information
How many cyber incidents has Orange Business faced?
Total Incidents: According to Rankiteo, Orange Business has faced 5 incidents in the past.
What types of cybersecurity incidents have occurred at Orange Business?
Incident Types: The types of cybersecurity incidents that have occurred incidents Cyber Attack, Ransomware and Breach.
How does Orange Business detect and respond to cybersecurity incidents?
Detection and Response: The company detects and responds to cybersecurity incidents through containment measures with Identified and neutralised the majority of the unauthorised access and communication strategy with Posted a message on the social networking platform X and containment measures with The company's security team was mobilized to identify the origin of the attack and put in place all necessary solutions required to ensure the security of its systems..
Incident Details
Can you provide details on each incident?
Incident : Data Breach, Ransomware
Title: Orange Telecommunications Breach by Babuk Ransomware
Description: Major telecommunications provider Orange suffered a severe security breach by the Babuk ransomware gang, resulting in the theft of 4.5 TB of sensitive data. The compromised data includes customer records, email addresses, user data, source code, invoices, internal documents, contracts, employee details, credit cards, messages, call logs, and other personal information. This cyberattack has put both customers and the company at significant risk, impacting the confidentiality, integrity, and availability of valuable data.
Type: Data Breach, Ransomware
Threat Actor: Babuk ransomware gang
Incident : Hack
Title: Hack Targeting Orange's Spanish Business
Description: An unknown number of consumers were unable to access specific websites as a result of a hack that targeted Orange's Spanish business, a telecom operator. Orange successfully identified and neutralised the majority of the unauthorised access to its IP network coordination centre. The French corporation said that there was no risk to client data in a message posted on the social networking platform X.
Type: Hack
Incident : Data Breach
Title: Data Breach at Orange Cyberdefense
Description: Orange Cyberdefense suffered a data breach incident after a popular forum offered data allegedly from their firm. The data in the sample included Contact Name, Email, Phone Number, Company Name, and Solution Name. The listing also offered to sell access to Orange Cyberdefenseโs servers.
Type: Data Breach
Motivation: Data Theft, Financial Gain
Incident : Ransomware
Title: Orange S.A. Nefilim Ransomware Attack
Description: French telecommunications company Orange S.A. was targeted by a Nefilim ransomware group which resulted in data loss.
Type: Ransomware
Threat Actor: Nefilim ransomware group
Incident : Cyber Attack
Title: Cyber Attack on Orange and Nordnet
Description: Cyber attackers targeted Orange and its subsidiary internet provider Nordnet in France, affecting thousands of internet users across Europe amid the Ukraine-Russia war.
Type: Cyber Attack
What are the most common types of attacks the company has faced?
Common Attack Types: The most common types of attacks the company has faced is Cyber Attack.
Impact of the Incidents
What was the impact of each incident?
Incident : Data Breach, Ransomware ORA625031825
Data Compromised: customer records, email addresses, user data, source code, invoices, internal documents, contracts, employee details, credit cards, messages, call logs, other personal information
Incident : Hack ORA214221124
Systems Affected: IP network coordination centre
Operational Impact: Consumers unable to access specific websites
Incident : Data Breach ORA2131141122
Data Compromised: Contact Name, Email, Phone Number, Company Name, Solution Name
Incident : Ransomware ORA2911822
Data Compromised: Data from about 20 customers on its virtual hosting service was accessed.
Incident : Cyber Attack ORA2548322
Systems Affected: Internet Services
What types of data are most commonly compromised in incidents?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are customer records, email addresses, user data, source code, invoices, internal documents, contracts, employee details, credit cards, messages, call logs, other personal information, Contact Name, Email, Phone Number, Company Name and Solution Name.
Which entities were affected by each incident?
Incident : Data Breach, Ransomware ORA625031825
Entity Type: Telecommunications provider
Industry: Telecommunications
Incident : Hack ORA214221124
Entity Type: Telecom Operator
Industry: Telecommunications
Location: Spain
Customers Affected: Unknown number
Incident : Ransomware ORA2911822
Entity Type: Telecommunications Company
Industry: Telecommunications
Location: France
Customers Affected: 20
Incident : Cyber Attack ORA2548322
Entity Type: Company
Industry: Telecommunications
Location: France
Customers Affected: 9000
Incident : Cyber Attack ORA2548322
Entity Type: Company
Industry: Internet Service Provider
Location: France
Customers Affected: 9000
Response to the Incidents
What measures were taken in response to each incident?
Incident : Hack ORA214221124
Containment Measures: Identified and neutralised the majority of the unauthorised access
Communication Strategy: Posted a message on the social networking platform X
Incident : Ransomware ORA2911822
Containment Measures: The company's security team was mobilized to identify the origin of the attack and put in place all necessary solutions required to ensure the security of its systems.
Data Breach Information
What type of data was compromised in each breach?
Incident : Data Breach, Ransomware ORA625031825
Type of Data Compromised: customer records, email addresses, user data, source code, invoices, internal documents, contracts, employee details, credit cards, messages, call logs, other personal information
Sensitivity of Data: High
Data Exfiltration: Yes
Personally Identifiable Information: Yes
Incident : Data Breach ORA2131141122
Type of Data Compromised: Contact Name, Email, Phone Number, Company Name, Solution Name
Personally Identifiable Information: Contact Name, Email, Phone Number
How does the company handle incidents involving personally identifiable information (PII)?
Handling of PII Incidents: The company handles incidents involving personally identifiable information (PII) through were Identified and neutralised the majority of the unauthorised access and The company's security team was mobilized to identify the origin of the attack and put in place all necessary solutions required to ensure the security of its systems..
Ransomware Information
Was ransomware involved in any of the incidents?
Incident : Ransomware ORA2911822
Ransomware Strain: Nefilim
References
Where can I find more information about each incident?
Incident : Hack ORA214221124
Source: Social networking platform X
Where can stakeholders find additional resources on cybersecurity best practices?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: Social networking platform X.
Investigation Status
How does the company communicate the status of incident investigations to stakeholders?
Communication of Investigation Status: The company communicates the status of incident investigations to stakeholders through was Posted a message on the social networking platform X.
Initial Access Broker
How did the initial access broker gain entry for each incident?
Incident : Data Breach ORA2131141122
Additional Questions
General Information
Who was the attacking group in the last incident?
Last Attacking Group: The attacking group in the last incident were an Babuk ransomware gang and Nefilim ransomware group.
Impact of the Incidents
What was the most significant data compromised in an incident?
Most Significant Data Compromised: The most significant data compromised in an incident were customer records, email addresses, user data, source code, invoices, internal documents, contracts, employee details, credit cards, messages, call logs, other personal information, Contact Name, Email, Phone Number, Company Name, Solution Name and Data from about 20 customers on its virtual hosting service was accessed..
What was the most significant system affected in an incident?
Most Significant System Affected: The most significant system affected in an incident was IP network coordination centre and Internet Services.
Response to the Incidents
What containment measures were taken in the most recent incident?
Containment Measures in Most Recent Incident: The containment measures taken in the most recent incident were Identified and neutralised the majority of the unauthorised access and The company's security team was mobilized to identify the origin of the attack and put in place all necessary solutions required to ensure the security of its systems..
Data Breach Information
What was the most sensitive data compromised in a breach?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were customer records, email addresses, user data, source code, invoices, internal documents, contracts, employee details, credit cards, messages, call logs, other personal information, Contact Name, Email, Phone Number, Company Name, Solution Name and Data from about 20 customers on its virtual hosting service was accessed..
References
What is the most recent source of information about an incident?
Most Recent Source: The most recent source of information about an incident is Social networking platform X.
What Do We Measure?
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
