back to article Orange France hacked AGAIN, 1.3 million victims seeing red

Personal data describing 1.3 million customers of Orange France has been stolen in the second hack to hit the telco this year. Hackers made off with subscriber names, dates of birth and phone numbers of about 4.9 percent of the telco's subscriber base. The company said hackers accessed data used for its email and SMS marketing …

COMMENTS

This topic is closed for new posts.
Anonymous Coward

193.252.122.103

Linux

Apache

No surprises there then. I guess they didn't patch the latest LAMP holes.

0
6
Silver badge

Boring

This is getting as tedious as the oh look another windows bug brigade.

1
0

err @ ip and LAMP holes lol

Seriously ?

ping www.orange.fr

PING d.hpc.gtm.fti.net (193.252.122.103

What makes you think hacking a front page of a company gives insight or access to such details?

If I have a Linux machine that hosts my site and then I have actual complex systems that store user phone details outside of the box hosting the website

how would LAMP holes have any form of implication on such an attack....

Surely such an attack would comprise the actual box hosting the site and show information related on this box

telnet 193.252.122.103 80

Trying 193.252.122.103...

Connected to 193.252.122.103.

Escape character is '^]'.

GET / HTTP/1.1

HTTP/1.1 400 Bad Request

Date: Thu, 08 May 2014 09:01:21 GMT

Server: Apache

Vary: Accept-Encoding

Content-Length: 226

Connection: close

Content-Type: text/html; charset=iso-8859-1

Infact how can you be even sure it is LAMP ? it is Linux Apache

can you please confirm where you got Mysql Php from before we proceed to take these comments seriously !

Further more if you click a link it appears as aspx

Maybe it was that underlying crusty IIS Windoze stuff that was not patched ... so unless you have full details of the comprise no point in making such wild accusations

3
0
Bronze badge

Re: err @ ip and LAMP holes lol

@vahid

you were doing so well raging against the fanboy, until you said "Windoze"

so close!

2
0
Anonymous Coward

Re: err @ ip and LAMP holes lol

LAMP has had recent holes in Apache, and Linux has holes regularly, so for the statement made to be true doesnt also require PHP or MySQL to be used. However the whole LAMP stack is indeed in use:

http://assistance.orange.fr/accueil-mobile.php

https://www.linkedin.com/pub/quentin-bezat/5/5b/691

"Web Developer - PHP / MySQL / JavaScript - looking for Orange.fr on the search engine's display"

QED.

0
3
FAIL

Re: err @ ip and LAMP holes lol

> so for the statement made to be true doesnt [sic] also require PHP or MySQL to be used.

OMG, you're killing me here. "LAMP has holes" != "Apache/Linux has holes". You specified issues with a LAMP stack, so it does require MySQL and PHP in your argument. Otherwise it's not a LAMP stack, is it?

And you suppose that because they advertise for a job on PHP/MySQL (no L or A mentioned in your post at least) that this means all of their internet facing machines run LAMP, and that's how the hackers got in? That's already been dis-proven.

Great detection skills...

0
0
Anonymous Coward

Re: err @ ip and LAMP holes lol

It said: "I guess they didn't patch the latest LAMP holes."

The latest holes were apparently in Linux and Apache. So regardless of if they are actually running the whole stack that statement could be correct.

But they ARE running the whole stack, which makes you an idiot for such pointless pedantry.

"because they advertise for a job on PHP/MySQL"

I take it you didn't bother actually reading the link - that's what the guy says he has ACTUALLY been doing - and it names the website - and it specifically says they have 20 LAMP servers in the farm.

0
0

LAMP

Lazy Ar$e Meh Programmers

Likely ASPX Microsoft Puppets

Look At My Page

and it goes on...

0
0

@ LAMP lol

I take it you have had lots of job specifications from agencies which state LAMP and they were after

Lazy Ar$e Meh Programmers

Likely ASPX Microsoft Puppets

Look At My Page

haha

0
0
Anonymous Coward

Re: @ LAMP lol

Linux Always More Patches?

0
1
Silver badge
Trollface

ITT: A fistful of trolling

Or ACs from Redmond's basement. How is the Azure Cloud coming, guys.

0
0
This topic is closed for new posts.

Forums