France Suffers Massive Data Breach

Over 50% of the French population’s personal data has been stolen in a cyber attack. A French government department, which is responsible for registering and assisting unemployed people, is the latest victim of a mega data breach that compromised the information of up to 43 million citizens.

According to France Travail and Cap Emploi, the exposed data includes the first and last names, dates of birth, social security numbers, employment agency identifiers, email and postal addresses, and their telephone numbers. However, it is understood that people’s passwords and banking details are so far still secure and have not been stolen in the cyber breach.

"Personal information concerning job seekers currently registered with France Travail, people previously registered over the last 20 years as well as people not registered on the list of applicants employment but having a candidate space on francetravail.fr is likely to be disclosed and exploited illegally," France Travail confirmed in a statement.

Both agencies said that on Wednesday 13th March they told the National Commission on Information Technology and Freedoms (CNIL), the National Agency for the Security of Information Systems (ANSSI) and the judicial authorities.

"The security of data entrusted to us by job seekers and businesses is a constant concern for us. In view of the threat of cyber attacks which is increasingly affecting businesses and organisations at national and European level, we must continuously strengthen our protection arrangements, procedures and guidelines," Cap Emploi said.

CNIL is telling the victims to remain vigilant over the potential threat of phishing attacks, and has advised at-risk individuals to avoid opening suspect email attachments or sharing passwords and banking details.
The attackers could, the agency warned, combine data with other data stolen in previous breaches for the purposes of identity fraud.

French public services have faced a major escalation in cyber attacks in recent months, authorities have warned. Recently, sources from the French prime minister’s office told told the press that  the country has been subjected to attacks of “unprecedented intensity”.

These comments came in the wake of a series of attacks on French government departments which prompted authorities to activate a ‘crisis unit’ to deal with the incident. In February, 2 French health service firms had data hacks, which affected around 33 million people. Viamedis and Almerys said the stolen data included marital status, date of birth, social security number, the name of the customer's health insurer and the guarantees of their contract.

IT Pro     |     The Register     |     France Travail     |     Euronews     |     Infosecurity Magazine

Image: Kagenmi

You Might Also Read: 

Russian Hackers Make A Sustained Attack On France:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« African Countries Hit By Severe Internet Disruption
Scottish Health Service Patient Data Hacked & Stolen »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Teneo

Teneo

Teneo is a Solutions Provider focused on reducing complexity. We combine leading technology with deep expertise to create new ideas on how to simplify IT operations.

National Security Agency (NSA)

National Security Agency (NSA)

NSA is a US intel agency responsible for the protection of government communications and information systems against penetration and network warfare.

World Wide Technology (WWT)

World Wide Technology (WWT)

WWT is a technology solution provider in the areas of big data, collaboration, computing and cloud, mobility, networking, security and storage.

Iceberg

Iceberg

Iceberg has been established to provide companies with cyber security experts who will protect businesses from the unseen threat of cyber crime.

SafeBreach

SafeBreach

SafeBreach's platform simulates hacker breach methods across the entire kill chain to identify breach scenarios in your environment before an attacker does.

CyberPrism

CyberPrism

CyberPrism provides SaaS solutions using proprietary technology, underpinned by industry-leading technical practitioners to protect OT within Government, Maritime and Industrial markets.

Codified Security

Codified Security

Codified is a testing platform for mobile application software. We make it easier than ever for companies to detect and fix security vulnerabilities and ensure their applications are compliant.

Lumen Technologies

Lumen Technologies

Lumen is an enterprise technology platform that enables companies to capitalize on emerging applications and power the 4th Industrial Revolution (4IR).

Seavus

Seavus

Seavus is a software development and consulting company with a proven track-record in providing successful enterprise-wide business solutions including Managed Security Services.

RackTop Systems

RackTop Systems

RackTop Systems is the pioneer of CyberConverged data security, a new market that fuses data storage with advanced security and compliance into a single platform.

Cytellix

Cytellix

Cytellix is an industry-standards-based, managed cybersecurity service provider, specializing in proactive behavioral analytics and situational awareness of an organization’s cyber posture.

Amidas Hong Kong

Amidas Hong Kong

Amidas is your trusted companion on the road to Digital Transformation. We provide a full range of Information Technology Solutions and Professional Services to Enterprise customers.

HORNE

HORNE

HORNE is a professional services firm supporting clients in public, private & government sectors nationwide.

HiSolutions

HiSolutions

HiSolutions is a renowned consulting firms for IT governance, risk & compliance in Germany, combining highly specialized know-how in the field with profound process competence.

Emerge Digital

Emerge Digital

Emerge Digital is a technology and digital innovation business and Managed Services Provider providing solutions to SMEs.

Redpoint Cybersecurity

Redpoint Cybersecurity

Redpoint Cybersecurity is a human-led, technology-enabled managed cybersecurity provider specializing in Digital Forensics, Incident Response and proactive cyberattack prevention.