Brinztech Alert: Orange Belgium Discloses Data Breach Impacting 850,000 Customers

Key Takeaways

• Orange Belgium has confirmed a data breach that was detected in late July 2025.
• The breach affects approximately 850,000 of its mobile customers.
• Stolen data includes names, phone numbers, SIM card numbers, PUK codes, and tariff plans.
• According to the company, passwords, email addresses, and financial information were not compromised in this incident.
• Orange Belgium is notifying all affected customers and warning them of the high risk of follow-on SIM swapping and phishing attacks.

Orange Belgium Confirms Major Customer Data Breach

What Happened? On Wednesday, August 20, 2025, Orange Belgium announced that it had sustained a cyberattack at the end of July. The company stated that threat actors gained unauthorized access to one of its IT systems containing the account information of 850,000 customers. While Orange Belgium is aware of the threat group responsible, their identity has not been disclosed due to an ongoing investigation. The company has confirmed this incident is separate from other recent attacks on Orange Group in France.

What Data Was Stolen? This breach is particularly dangerous due to the specific types of data compromised. According to Orange Belgium, the attackers stole:

• Surname and First Name
• Telephone Number
• SIM Card Number
• PUK Code
• Tariff Plan

Critically, the company has stated that the breach did not include passwords, email addresses, or financial information.

The Primary Threat: SIM Swapping and Vishing

The most severe risk stemming from this specific combination of stolen data is the threat of SIM swapping.

A SIM swap attack is a type of account takeover fraud where a criminal uses a victim’s personal information to trick their mobile carrier into transferring the victim’s phone number to a new SIM card controlled by the attacker. With the name, phone number, SIM card number, and PUK code, a threat actor has a powerful toolkit to convincingly impersonate a legitimate customer to a support agent.

If a SIM swap is successful, the attacker takes control of the victim’s phone number. They can then intercept all incoming calls and text messages, including one-time passwords and two-factor authentication (2FA) codes sent via SMS. This allows them to reset passwords and break into the victim’s most sensitive online accounts, such as banking, email, and social media.

Additionally, the leaked data enables highly targeted voice phishing (vishing) campaigns, where attackers call victims and use the stolen information to sound credible and manipulate them into revealing passwords or financial details.

Brinztech’s Recommendations

1. For Affected Orange Belgium Customers:
   • Be on Maximum Alert for SIM Swap Attacks: The most common sign of a SIM swap is your phone suddenly losing mobile service for no reason. If this happens, contact Orange Belgium immediately from a different phone to report a potential fraudulent port-out.
   • Treat All Unsolicited Communications with Extreme Suspicion: Do not trust any unsolicited call or message claiming to be from Orange, your bank, or another service, even if the caller knows your personal details. Hang up and contact the company through an official, verified phone number or website.
   • Never Share PUK Codes or Passwords: Your PUK code is a master key for your SIM card. Never share it with anyone who contacts you unexpectedly.
2. For All Mobile Users:
   • Move Away from SMS-Based 2FA: This breach is a powerful reminder that SMS is the least secure method for two-factor authentication. For all critical accounts (especially banking, email, and cryptocurrency), switch to more secure 2FA methods like an authenticator app (e.g., Google Authenticator, Authy) or a physical security key. This makes your accounts immune to SIM swap attacks.

Secure Your Organization with Brinztech As a cybersecurity provider, we can protect your business from the threats discussed here. Contact us to learn more about our services.

Questions or Feedback? For expert advice, use our ‘Ask an Analyst’ feature. For general inquiries or to report this post, please email us: contact@brinztech.com