On Sunday, September 4 at 6 pm, Orange Cyberdefense learned that a file containing the personal data of a few hundred Micro-SOC customers in France had been published on a specialized forum (full name, email address, phone number, function, company, and the services they have subscribed to). In the next two hours we set up a crisis unit and started investigating. Our priority was to protect our customers and our own information system. On the 5th in the morning we identified the source of the data, which was a portal using the MicroSOC France service. So, we took additional security measures to secure the service and to avoid any further potential leaks.
On the 5th, in the afternoon, twenty hours after finding out about the incident, we contacted all affected customers by email. At the same time, their usual contact at Orange Cyberdefense called them individually. We explained everything we knew to them and reassured them about the following things:
On the 5th and 6th, we also informed internal employees via line management. On the 7th, all employees in France received an email informing them about the incident and on the 8th all employees outside France did too. At the same time, we responded to the press.
At the same time, Orange Cyberdefense contacted the relevant authorities including the French data protection authority (CNIL) with a preliminary personal data breach report and the National Cybersecurity Agency of France (ANSSI).
On the 9th, a publication was posted on the Orange Cyberdefense France and Global websites.
Two weeks after the incident, while the investigations continue, at this stage we can say:
On 23 September 2022, Orange Cyberdefense closed this incident after finalising the implementation of additional measures to secure the service and prevent potential further leaks