CERT Orange

The Orange CERT Coordination Center (Orange-CERT-CC) or “CERT Orange” is the operational structure responsible for managing IT security incidents that might affect the activities of the Orange Group, including its various business units and subsidiaries.

As a member of FIRST, CERT Orange adheres to responsible management principles for vulnerabilities brought to its attention (Responsible Disclosure principles). CERT Orange is committed to responding to any vulnerability-related information brought to its attention and finding a solution to it within a reasonable timeframe, while keeping the person or entity that brought this vulnerability to its attention regularly informed.

CERT la sécurité du Groupe

The Orange-CERT-CC’s use of the registered trademark “CERT” has been authorized by Carnegie Mellon University’s CERT.


Contact us

To report any security incidents or vulnerabilities that might concern the activities of the Orange Group or any of its business units, you can contact us by email:  cert@orange.com or by postmail at the following address:

DSCS/IT&Network Security/CERT-CC
Site Orange Gardens
40-48, avenue de la République,
92320 Châtillon

If you wish to report any abuse to Orange concerning orange.com domain (phishing, spam, scam…), please contact us by email : abuse@orange.com




Confidentiality of communications

If you would like to submit any sensitive information to us, we recommend protecting it by encrypting it with our PGP key 0x845B9C1D38382441 with the following fingerprint: D8B93539D863425ADF4AFD73845B9C1D38382441.


BugBounty Program

The Orange Group organizes both public and private BugBounty programs.
There are not currently any active public BugBounty programs.

Orange Customer? Would you like to report an attempted phishing attack or spam?

If you have been targeted by an attempted phishing attack or if you wish to report having received any unsolicited messages (spam), contact your local assistance on your country portal


  1. In France
  2. Other Countries