The Orange CERT Coordination Center is the operational structure responsible for managing security incidents that might affect all information and network technologies of the Orange Group, including its business units and subsidiaries.
Orange CERT adheres to responsible management principles for vulnerabilities brought to its attention (Responsible Disclosure principles), commits to respond to any incident-related information brought to its attention and to provide feedback within a reasonable timeframe.
Orange CERT performs regular security scans on prefixes routed behind Autonomous System Numbers (ASN) allocated to Orange networks. Please send us an email if any question.
Contact us
Security incidents could be reported by e-mail to cert.cc@orange.com or direct message on X/Twitter to @orangecertcc.
For encrypted electronic communications, we recommend using our PGP key 0x845B9C1D38382441 with the fingerprint D8B9 3539 D863 425A DF4A FD73 845B 9C1D 3838 2441, available here.
Spam or other email abuse reports, related to orange.com domain, could be sent by e-mail to abuse@orange.com.
For any other contact you can write to us at the following address:
- DSCS/DSEC/CERT
Orange Gardens
44 avenue de la République
CS 50010
92326 Chatillon Cedex
France
Customers who would like to report phishing attempts or unsolicited messages (spam) should contact their customer service center or refer to instructions on their customer portal.
Current RFC 2350 document for Orange CERT-CC is Version 1.2 dated from July 1st 2024 (PGP signature).
Authorized to use CERT trademark, Orange CERT is member of the FIRST (Forum for Incident Response and Security Teams), listed member at the Trusted Introducer and member of InterCERT France.