back to article Orange France hacked AGAIN, 1.3 million victims seeing red

Personal data describing 1.3 million customers of Orange France has been stolen in the second hack to hit the telco this year. Hackers made off with subscriber names, dates of birth and phone numbers of about 4.9 percent of the telco's subscriber base. The company said hackers accessed data used for its email and SMS …

COMMENTS

This topic is closed for new posts.
  1. Anonymous Coward
    Anonymous Coward

    193.252.122.103

    Linux

    Apache

    No surprises there then. I guess they didn't patch the latest LAMP holes.

    1. John G Imrie

      Boring

      This is getting as tedious as the oh look another windows bug brigade.

    2. vahid

      err @ ip and LAMP holes lol

      Seriously ?

      ping www.orange.fr

      PING d.hpc.gtm.fti.net (193.252.122.103

      What makes you think hacking a front page of a company gives insight or access to such details?

      If I have a Linux machine that hosts my site and then I have actual complex systems that store user phone details outside of the box hosting the website

      how would LAMP holes have any form of implication on such an attack....

      Surely such an attack would comprise the actual box hosting the site and show information related on this box

      telnet 193.252.122.103 80

      Trying 193.252.122.103...

      Connected to 193.252.122.103.

      Escape character is '^]'.

      GET / HTTP/1.1

      HTTP/1.1 400 Bad Request

      Date: Thu, 08 May 2014 09:01:21 GMT

      Server: Apache

      Vary: Accept-Encoding

      Content-Length: 226

      Connection: close

      Content-Type: text/html; charset=iso-8859-1

      Infact how can you be even sure it is LAMP ? it is Linux Apache

      can you please confirm where you got Mysql Php from before we proceed to take these comments seriously !

      Further more if you click a link it appears as aspx

      Maybe it was that underlying crusty IIS Windoze stuff that was not patched ... so unless you have full details of the comprise no point in making such wild accusations

      1. Valeyard

        Re: err @ ip and LAMP holes lol

        @vahid

        you were doing so well raging against the fanboy, until you said "Windoze"

        so close!

      2. Anonymous Coward
        Anonymous Coward

        Re: err @ ip and LAMP holes lol

        LAMP has had recent holes in Apache, and Linux has holes regularly, so for the statement made to be true doesnt also require PHP or MySQL to be used. However the whole LAMP stack is indeed in use:

        http://assistance.orange.fr/accueil-mobile.php

        https://www.linkedin.com/pub/quentin-bezat/5/5b/691

        "Web Developer - PHP / MySQL / JavaScript - looking for Orange.fr on the search engine's display"

        QED.

        1. Billa Bong
          FAIL

          Re: err @ ip and LAMP holes lol

          > so for the statement made to be true doesnt [sic] also require PHP or MySQL to be used.

          OMG, you're killing me here. "LAMP has holes" != "Apache/Linux has holes". You specified issues with a LAMP stack, so it does require MySQL and PHP in your argument. Otherwise it's not a LAMP stack, is it?

          And you suppose that because they advertise for a job on PHP/MySQL (no L or A mentioned in your post at least) that this means all of their internet facing machines run LAMP, and that's how the hackers got in? That's already been dis-proven.

          Great detection skills...

          1. Anonymous Coward
            Anonymous Coward

            Re: err @ ip and LAMP holes lol

            It said: "I guess they didn't patch the latest LAMP holes."

            The latest holes were apparently in Linux and Apache. So regardless of if they are actually running the whole stack that statement could be correct.

            But they ARE running the whole stack, which makes you an idiot for such pointless pedantry.

            "because they advertise for a job on PHP/MySQL"

            I take it you didn't bother actually reading the link - that's what the guy says he has ACTUALLY been doing - and it names the website - and it specifically says they have 20 LAMP servers in the farm.

  2. Your alien overlord - fear me

    LAMP

    Lazy Ar$e Meh Programmers

    Likely ASPX Microsoft Puppets

    Look At My Page

    and it goes on...

    1. vahid

      @ LAMP lol

      I take it you have had lots of job specifications from agencies which state LAMP and they were after

      Lazy Ar$e Meh Programmers

      Likely ASPX Microsoft Puppets

      Look At My Page

      haha

      1. Anonymous Coward
        Anonymous Coward

        Re: @ LAMP lol

        Linux Always More Patches?

  3. Destroy All Monsters Silver badge
    Trollface

    ITT: A fistful of trolling

    Or ACs from Redmond's basement. How is the Azure Cloud coming, guys.

This topic is closed for new posts.

Other stories you might like