Orange has had to suspend access to its "Enable" system since last Thursday when it became aware that a third party was trying to access the credit checking and connection management system.

In a statement, Orange said someone tried to get in to the system, which is designed for internal and external sales people. Orange wouldn't be drawn on what data, if any, was compromised. The system is designed to manage customers wanting upgrades or coming to the end of their contract, so it seems likely that the attacker was someone who could gain financially from that information.

The most obvious candidate would be a contract reseller, who wanted to call up Orange customers coming to the end of their contracts. Such companies have, in the past, been reduced to calling people at random in the hope of hitting someone near renewal, so they would certainly be interested in details of customers nearing the end of their contracts, including their eligibility and credit rating, as well as name and number.

So, if you're an Orange customer getting suspicious calls offering you a new contract, let us know.

The Reg understands that new usernames and passwords have been issued to legitimate Enable users, though the system isn't fully operational and Orange says it is still investigating. So don't hold your breath. ®

Related stories

• Collaborators offered pre-built SharePoint app (5 July 2007)
• Orange Value Promise not as much value as promised (11 May 2007)
• Orange becomes more like bank: launches overdraft facility (1 May 2007)
• Orange boss walks out (26 April 2007)
• Register Hardware HD hackers stay ahead of AACS (13 April 2007)
• Orange unpeels Samsung BlackBerry-esque i600 (12 April 2007)
• Orange punts two year lock-in (11 April 2007)
• Mobile survey uncovers staff ignorance (4 April 2007)
• Ofcom cuts mobile charges (27 March 2007)