Mobile telecoms operator Orange has been hacked for the second time in three months after 1.3 million accounts were compromised.
Names, telephone numbers, dates of birth and email addresses of about 1.3m people in France were exposed in the attack last month, which has only just come to light.
The compromise occurred after hackers gained access to the platform that Orange uses to send promotional emails and SMS text messages.
The company, which is the fourth largest mobile operator in Europe, claims that it has already taken action to secure its systems.
“The data recovered could be used to contact those concerned by email, SMS or by phone, particularly for phishing purposes,” the company warned in a statement.
“All necessary actions have been implemented to correct the relevant technical dysfunctions and to prevent any new illegitimate access to this data…”
It continued: “To ensure full transparency on this issue, we have informed everyone concerned… In a highly-sensitive global context concerning such issues, Orange continues its efforts to limit such security risks.”
The company says that no payment or credit card data was taken at the same time. The breach was detected on 18 April, but the company delayed notification while it investigated and secured the systems.
It follows the loss of personal data of 800,000 customers in February at the French mobile telecoms and internet service provider. Both hacks came after Orange CEO Stephane Richard signed a charter pledging the company to protect its customers’ personal data and to respect their privacy.
It is not the only telecoms operator in Europe subject to such attacks. Last September, Vodafone’s German arm admitted that the personal data of some two million customers had been compromised in an attack.