Orange's online customer portal was hacked for the second time in a three month period, resulting in the theft of 1.3 million users' data.
The breach occurred in mid-April, when a software platform used by Orange to send promotional messages was hacked, according to Reuters.
Email addresses, phone numbers and dates of birth were accessed by cyber criminals, but no other information was leaked.
To make matters worse, the hacked platform was "opt-in," which means only those who willingly agreed to received promotions are affected. This will undoubtedly make some consumers think twice about signing up in future.
Article continues below
This is not the first time this year that Orange was hacked. In February, 800,000 emails, passwords, addresses and phone numbers were stolen from Orange's website.
The revelation also follows a more disastrous hack against US retailer Target, where 40 million customers' credit card details were stolen. The company's CIO was forced to resign, followed by the CEO.
This latest breach is seen as a major embarrassment for Orange, which pledged last November to keep customer data safe in the wake of the NSA spying scandal.
Orange said it has informed affected users and warned of potential phishing emails designed to secure additional information.