Orange Belgium Data Breach Exposes 850,000 Customer Accounts

Orange Belgium confirmed that a cyberattack in late July 2025 led to unauthorized access to data from 850,000 customer accounts. The breach was discovered when the telecom provider detected suspicious activity on one of its IT systems, prompting immediate activation of its incident response plan and notification of regulatory authorities.

In an official statement, Orange Belgium emphasized that the attack was swiftly contained, and access to the affected system was blocked. Judicial authorities were also alerted, and an official complaint was filed to support further investigation.

What Data Was Compromised?

According to the company, the exposed information includes:

• Customer names

• Phone numbers

• SIM card numbers

• PUK codes (used to unlock SIM cards)

• Customer tariff plans

Crucially, Orange Belgium confirmed that no addresses, email addresses, passwords, or financial details were part of the breach. While the compromised data may not directly enable financial fraud, the availability of SIM and PUK details could still facilitate SIM swap attacks or other forms of targeted exploitation.

How Customers Are Being Notified

Impacted customers have been contacted via email or SMS. The telecom provider urged individuals to remain vigilant against phishing attempts, unsolicited communication, and social engineering tactics that could arise from the stolen data.

Customers were also reminded not to share sensitive information, such as banking credentials, in response to suspicious messages.

Wider Context: Orange Group Under Pressure

This breach follows a separate cyberattack on Orange Group (the parent company) on July 25, which disrupted some management services and platforms in France. While Orange Group initially stated no customer data was exposed in that attack, the proximity in timing raises concerns about whether these incidents may be linked.

Adding to the complexity, the ransomware group WarLock has claimed responsibility for stealing Orange customer data. Some of the files leaked online by the group suggest that the compromised records may also include French customers, though Orange Belgium has not confirmed this.

Implications for Telecom Security

Telecom providers are frequent targets of cybercriminals because of their central role in identity verification, communications, and financial services. Access to SIM card data in particular can enable attackers to hijack accounts across banking, email, and social media platforms through SIM swapping.

The Orange Belgium breach highlights the importance of:

• Timely incident detection and response

• Multi-factor authentication (MFA) for critical services

• Ongoing monitoring of criminal forums to detect leaked data early

Conclusion

While no financial or password data was compromised, the theft of SIM and PUK details represents a serious risk to affected customers. Orange Belgium’s quick detection and transparent notification are positive steps, but the incident underscores the evolving threat landscape telecom companies face.

Customers should remain on high alert for phishing attempts and monitor their accounts closely in the coming weeks.