Onze Aalsterse carnavalgroep presenteert: PETRAIAIAI.BE! Is het citaat AI, of Γ©cht?
Speel ons spel tegen AI brainrot!
(ook beschikbaar in 't Oilsjters! ππ§
)
π
https://petraiaiai.be
AI of echt? Doe de test met Petra!
Wie heeft wat gezegd, of is het verzonnen door AI? Speel het spel!
I am now officially a victim of AI-hallucination: anyone that Googles my company name now thinks I am a cybercriminal because I used the words "cybercrime investigator" on my website.
As people start to blindly trust AI-search, I wonder if this would classify as harAIssment? π€π
NEWS: A few hours after notifying their 850K breached users, Orange has silently retracted their statement that they have "found no evidence that the accessed data was disseminated". Was this vibe PR or a lack of actual investigation? I filed a complaint!
https://inti.io/p/how-brands-like-orange-downplay-security
How brands like Orange downplay security breaches
The secret PR playbook to spin & win any cybersecurity incident
For the sake of correctness: Orange Cyberdefense shares the same brand as Orange Belgium but is hosted within a different entity. My post is about Orange Belgium
I would expect Orange to at least:
- Explain the additional in-depth security measures they will take against SIM swapping attacks
- Provide new SIM cards / PUK codes to their users
- Provide FULL transparency about the steps they took to look for "evidence" of further leaks
Rather than shifting responsibility to its users and reframing the data theft in a misleading way to dodge the real consequences, Orange could lead by example and show the world that they're really the security leader @orangecyberdef claims to be.
We should not tolerate this.
The SIM card number is a crucial piece of information hackers need for a SIM swap attack resulting in number theft. And with the PUK code you can reset any PIN code. Both attacks can lead to complete social media takeovers. So no sensitive data? That is some solid corporate PR BS
Here's their translated security page (not available in EN), as usual they start with listing the 'sensitive data' not accessed.
Only then they talk about 'certain' data (PII, SIM card number and PUK) that HAS been accessed. What does that mean?
Orange Belgium just informed its 850K users about a "cyberattack" following the typical PR-playbook: downplay the risks and shift the responsibility to their users to protect themselves.
What triggers me the most is that they don't even talk about the risk of SIM swapping AT ALL:
Leeftijdscontrole voor pornosites gaat tegendraads werken, daar ben ik van overtuigd. Dit zal pornokijkers van alle leeftijden drijven naar ongereguleerde websites waar er niet gemodereerd wordt, dus ook niet op extreme en niet consensuele beelden, of erger. π€¦
