France Suffers Massive Data Breach

Uploaded on 2024-03-25 in TECHNOLOGY--Hackers, GOVERNMENT-National, FREE TO VIEW

Over 50% of the French population’s personal data has been stolen in a cyber attack. A French government department, which is responsible for registering and assisting unemployed people, is the latest victim of a mega data breach that compromised the information of up to 43 million citizens.

According to France Travail and Cap Emploi, the exposed data includes the first and last names, dates of birth, social security numbers, employment agency identifiers, email and postal addresses, and their telephone numbers. However, it is understood that people’s passwords and banking details are so far still secure and have not been stolen in the cyber breach.

"Personal information concerning job seekers currently registered with France Travail, people previously registered over the last 20 years as well as people not registered on the list of applicants employment but having a candidate space on francetravail.fr is likely to be disclosed and exploited illegally," France Travail confirmed in a statement.

Both agencies said that on Wednesday 13th March they told the National Commission on Information Technology and Freedoms (CNIL), the National Agency for the Security of Information Systems (ANSSI) and the judicial authorities.

"The security of data entrusted to us by job seekers and businesses is a constant concern for us. In view of the threat of cyber attacks which is increasingly affecting businesses and organisations at national and European level, we must continuously strengthen our protection arrangements, procedures and guidelines," Cap Emploi said.

CNIL is telling the victims to remain vigilant over the potential threat of phishing attacks, and has advised at-risk individuals to avoid opening suspect email attachments or sharing passwords and banking details.
The attackers could, the agency warned, combine data with other data stolen in previous breaches for the purposes of identity fraud.

French public services have faced a major escalation in cyber attacks in recent months, authorities have warned. Recently, sources from the French prime minister’s office told told the press that  the country has been subjected to attacks of “unprecedented intensity”.

These comments came in the wake of a series of attacks on French government departments which prompted authorities to activate a ‘crisis unit’ to deal with the incident. In February, 2 French health service firms had data hacks, which affected around 33 million people. Viamedis and Almerys said the stolen data included marital status, date of birth, social security number, the name of the customer's health insurer and the guarantees of their contract.

IT Pro     |     The Register     |     France Travail     |     Euronews     |     Infosecurity Magazine

Image: Kagenmi

You Might Also Read: 

Russian Hackers Make A Sustained Attack On France:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« African Countries Hit By Severe Internet Disruption
Scottish Health Service Patient Data Hacked & Stolen »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

CyberPolicy

CyberPolicy

CyberPolicy is a cyber protection solution for small businesses. It combines three important components against cyber threats - Cyber Plan, Cybersecurity and Cyber Insurance.

aeCERT

aeCERT

aeCERT is the national Computer Emergency Response Team for the United Arab Emirates.

Vicarius

Vicarius

Vicarius’ mission is to revolutionize vulnerability management from problem detection to proactive problem resolution.

Sponge

Sponge

Sponge is a world-renowned digital learning provider on a mission to make learning unforgettable.

CyCraft Technology Corp

CyCraft Technology Corp

CyCraft is an AI company that forges the future of cybersecurity resilience through autonomous systems and human-AI collaboration.

CUJO AI

CUJO AI

CUJO AI is the global leader in the development and application of artificial intelligence to improve the security, control and privacy of connected devices in homes and businesses.

Business Hive Vilnius (BHV)

Business Hive Vilnius (BHV)

BHV is one of the oldest startup incubator and technology hubs in the Baltics, primarily focused on hardware, security, blockchain, AI, fintech and enterprise software.

Findcourses.com

Findcourses.com

Findcourses is a dedicated education search engine designed to make it easy for our learners to search and find exactly what they need from our community of trusted training providers.

CyVolve

CyVolve

Cyvolve is the next great leap forward in data security, ensuring constant encryption and pervasive control over all your data.

Raonsecure

Raonsecure

Raonsecure is one of Korea’s leading ICT security software companies – providing a variety of PC and mobile security solutions to financial institutions, government, and enterprise.

ThreatX

ThreatX

ThreatX provides complete web application & API protection to address expanding app footprints and complex attacks.

Privafy

Privafy

Privafy helps mobile service providers, IoT manufactures , and enterprises redefine the way they protect Data-in-Motion.

SRG Security Resource Group

SRG Security Resource Group

SRG Security Resource Group is a Canadian company dedicated to providing world-class Physical and Cyber Security services.

HLB Mann Judd (Fiji)

HLB Mann Judd (Fiji)

HLB Mann Judd (Fiji) (formerly known as HLB Crosbie & Associates) is a well-established firm of accountants and business advisers in Fiji.

Alchemy Security Consulting

Alchemy Security Consulting

Alchemy Security Consulting specialise in offensive and defensive cyber security. We find the weak link in your security so you can patch it up fast and avoid being hacked.

SIGLA Group

SIGLA Group

SIGLA Group specialize in the design and development of IT and OT solutions, from analysis to design, from implementation to commissioning, as well as consultancy, training and assistance.