The hacker group Ragnar Locker sells privacy-sensitive data of Orange customers via the messaging service Telegram. The perpetrators placed a data sample of the captured data on the platform last week. Everything indicates the information was captured in a ransomware attack on the Zwijndrecht police zone in September 2022.
This is reported by the Belgian medium Data News, which has viewed the data.
This information has been made public
The editors of Data News write that the test sample consists of data from six thousand telephone calls and data connections that were made via Orange’s mobile network. This concerns names, home addresses, call logs of telephone conversations, telephone numbers, location data and IMEI and IMSI numbers.
The International Mobile Equipment Identity or IMEI number is a number that can be used to determine the identity of a smartphone. The International Mobile Subscriber Identity or IMSI number is a unique identification number that allows carriers to recognize specific network users.
‘Data leak could have far-reaching consequences for victims’
Ethical hacker Inti De Ceukelaire tells Data News that the data breach could have far-reaching consequences for the victims. “There are many puzzle pieces that can be used to complete a puzzle,” he explains.
The data can be used or misused for various purposes. “The duration of the telephone conversations and the location data: these are data that police services use, for example, in their investigations. If that data ended up in the wild, private individuals could also use it, for example, to find out whether their partner is cheating. Or companies to see whether someone has been in contact with the competition,” says the ethical hacker.
The IMSI data can be used to track users. For example, IMEI data allows hackers and cybercriminals to report a phone as stolen on behalf of the victim.
Orange itself emphasizes that its systems have never been hacked. “There is no indication that data has been leaked from the operators themselves. The telecom operators, therefore, deeply regret that this data has been released and hope that the necessary steps will be taken,” said a spokesperson for the technology federation Agoria in a response.
The data distributed via Telegram was obtained via a ransomware attack at the Zwijndrecht police zone. This took place last September. In November 2022, it emerged that in addition to personal data, the attackers had also stolen privacy-sensitive information from police files. In total, this would be 46 GB of data. Hacker group Ragnar Locker has claimed responsibility for the cyber attack.
More Articles Here
Follow Us Here