France Suffers Massive Data Breach

Uploaded on 2024-03-25 in TECHNOLOGY--Hackers, GOVERNMENT-National, FREE TO VIEW

Over 50% of the French population’s personal data has been stolen in a cyber attack. A French government department, which is responsible for registering and assisting unemployed people, is the latest victim of a mega data breach that compromised the information of up to 43 million citizens.

According to France Travail and Cap Emploi, the exposed data includes the first and last names, dates of birth, social security numbers, employment agency identifiers, email and postal addresses, and their telephone numbers. However, it is understood that people’s passwords and banking details are so far still secure and have not been stolen in the cyber breach.

"Personal information concerning job seekers currently registered with France Travail, people previously registered over the last 20 years as well as people not registered on the list of applicants employment but having a candidate space on francetravail.fr is likely to be disclosed and exploited illegally," France Travail confirmed in a statement.

Both agencies said that on Wednesday 13th March they told the National Commission on Information Technology and Freedoms (CNIL), the National Agency for the Security of Information Systems (ANSSI) and the judicial authorities.

"The security of data entrusted to us by job seekers and businesses is a constant concern for us. In view of the threat of cyber attacks which is increasingly affecting businesses and organisations at national and European level, we must continuously strengthen our protection arrangements, procedures and guidelines," Cap Emploi said.

CNIL is telling the victims to remain vigilant over the potential threat of phishing attacks, and has advised at-risk individuals to avoid opening suspect email attachments or sharing passwords and banking details.
The attackers could, the agency warned, combine data with other data stolen in previous breaches for the purposes of identity fraud.

French public services have faced a major escalation in cyber attacks in recent months, authorities have warned. Recently, sources from the French prime minister’s office told told the press that  the country has been subjected to attacks of “unprecedented intensity”.

These comments came in the wake of a series of attacks on French government departments which prompted authorities to activate a ‘crisis unit’ to deal with the incident. In February, 2 French health service firms had data hacks, which affected around 33 million people. Viamedis and Almerys said the stolen data included marital status, date of birth, social security number, the name of the customer's health insurer and the guarantees of their contract.

IT Pro     |     The Register     |     France Travail     |     Euronews     |     Infosecurity Magazine

Image: Kagenmi

You Might Also Read: 

Russian Hackers Make A Sustained Attack On France:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« African Countries Hit By Severe Internet Disruption
Scottish Health Service Patient Data Hacked & Stolen »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Logicalis

Logicalis

Logicalis are a leading provider of global IT solutions and managed services.

Octopus Cybercrime Community

Octopus Cybercrime Community

The Octopus Community is a platform for information sharing and cooperation on cybercrime and electronic evidence.

Digital Infrastructure Association (DINL)

Digital Infrastructure Association (DINL)

DINL is the leading representative for companies and organisations which are active within the Dutch digital infrastructure sector.

IoT European Research Cluster (IERC)

IoT European Research Cluster (IERC)

IERC brings together EU-funded projects with the aim of defining a common vision for IoT technology and development research challenges.

LiveVault

LiveVault

LiveVault delivers fully automated, turnkey, backup over the Internet or a private network connection for uninterrupted remote data protection.

Devel

Devel

Devel is a LATAM cybersecurity company specialized in providing red, blue and purple team services for the financial sector.

Pixalate

Pixalate

Pixalate is an omni-channel fraud intelligence company that works with brands and platforms to prevent invalid traffic and improve ad inventory quality.

Cyber Threat Defense (CT Defense)

Cyber Threat Defense (CT Defense)

CT Defense specialize in penetration testing and security assessments.

Alpine Security

Alpine Security

Alpine Security provides penetration testing, security assessments and cybersecurity training services.

NXTsoft

NXTsoft

NXTsoft’s solutions help businesses secure, connect and optimize their data to maximize revenue opportunities, enhance profitability, and mitigate cybersecurity risk.

Mr Backup (MRB)

Mr Backup (MRB)

MRB offers Data Protection as a Service for businesses looking to reduce the time, cost and complexity of securing your company data.

Mirai Security

Mirai Security

Mirai Security are a cyber security company that specializes in Governance, Risk Management and Compliance, Cloud Security and Application Security.

Hetz Ventures

Hetz Ventures

Hetz Ventures is a global-facing VC investing in highly talented and ambitious Israeli founders who operate at the cutting edge of deep technology.

Allstate Identity Protection

Allstate Identity Protection

Allstate make it easy to provide complete identity protection, so everyone can live more confidently online.

Iolo

Iolo

Iolo develops patented technology and award-winning software that repairs, optimizes, and protects computers, to maximize system speed and performance while keeping them safe.

Viatel Technology Group

Viatel Technology Group

Viatel Technology Group is a complete digital services provider. We have over 26 years’ experience delivering fully managed security, networking, cloud and communications services.