France Suffers Massive Data Breach

Uploaded on 2024-03-25 in TECHNOLOGY--Hackers, GOVERNMENT-National, FREE TO VIEW

Over 50% of the French population’s personal data has been stolen in a cyber attack. A French government department, which is responsible for registering and assisting unemployed people, is the latest victim of a mega data breach that compromised the information of up to 43 million citizens.

According to France Travail and Cap Emploi, the exposed data includes the first and last names, dates of birth, social security numbers, employment agency identifiers, email and postal addresses, and their telephone numbers. However, it is understood that people’s passwords and banking details are so far still secure and have not been stolen in the cyber breach.

"Personal information concerning job seekers currently registered with France Travail, people previously registered over the last 20 years as well as people not registered on the list of applicants employment but having a candidate space on francetravail.fr is likely to be disclosed and exploited illegally," France Travail confirmed in a statement.

Both agencies said that on Wednesday 13th March they told the National Commission on Information Technology and Freedoms (CNIL), the National Agency for the Security of Information Systems (ANSSI) and the judicial authorities.

"The security of data entrusted to us by job seekers and businesses is a constant concern for us. In view of the threat of cyber attacks which is increasingly affecting businesses and organisations at national and European level, we must continuously strengthen our protection arrangements, procedures and guidelines," Cap Emploi said.

CNIL is telling the victims to remain vigilant over the potential threat of phishing attacks, and has advised at-risk individuals to avoid opening suspect email attachments or sharing passwords and banking details.
The attackers could, the agency warned, combine data with other data stolen in previous breaches for the purposes of identity fraud.

French public services have faced a major escalation in cyber attacks in recent months, authorities have warned. Recently, sources from the French prime minister’s office told told the press that  the country has been subjected to attacks of “unprecedented intensity”.

These comments came in the wake of a series of attacks on French government departments which prompted authorities to activate a ‘crisis unit’ to deal with the incident. In February, 2 French health service firms had data hacks, which affected around 33 million people. Viamedis and Almerys said the stolen data included marital status, date of birth, social security number, the name of the customer's health insurer and the guarantees of their contract.

IT Pro     |     The Register     |     France Travail     |     Euronews     |     Infosecurity Magazine

Image: Kagenmi

You Might Also Read: 

Russian Hackers Make A Sustained Attack On France:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« African Countries Hit By Severe Internet Disruption
Scottish Health Service Patient Data Hacked & Stolen »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Patchstack

Patchstack

Patchstack (formerly WebARX) is a web application security platform, which allows digital agencies and developers to monitor, protect and maintain their websites.

Canadian Security Intelligence Service (CSIS)

Canadian Security Intelligence Service (CSIS)

CSIS collects and analyzes threat-related information concerning the security of Canada in areas including terrorism, espionage, WMD, cybersecurity and critical infrastructure protection.

Robert Half Technology

Robert Half Technology

Robert Half Technology offers a full spectrum of technology staffing solutions to meet contract and full-time IT recruitment needs.

Huntsman Security

Huntsman Security

Huntsman Security provides technology to enable real-time security monitoring and immediate visibility of advanced threats and compliance issues.

D3 Security

D3 Security

D3's Smart SOAR platform is at the forefront of the security automation revolution, helping clients around the world to rapidly identify, analyze, and resolve advanced threats.

Salt Communications

Salt Communications

Salt communications is a global leader in secure communications. Our bespoke platform is the secure communications solution that uniquely gives complete control to our customers.

Cybint Solutions

Cybint Solutions

Cybint provides customized cyber education and training solutions for Higher Education, Companies and Government.

Search Guard

Search Guard

Search Guard® is an Open Source security suite for #Elasticsearch and the entire #ELK stack that offers encryption, authentication, authorization, audit logging and multi tenancy.

GrrCON

GrrCON

GrrCON is an information security and hacking conference that provides the Midwest InfoSec community with a fun atmosphere to come together and engage with like minded people.

Beyond Encryption

Beyond Encryption

Mailock by Beyond Encryption is a secure email solution that allows businesses to exchange email securely, safe in the knowledge that their email can only be read by their intended recipient.

AEWIN Technologies

AEWIN Technologies

AEWIN is professional in the fields of Network Appliance, Cyber Security, Server, Edge Computing and an ODM/OEM expert.

Gray Analytics

Gray Analytics

Gray Analytics is a Cybersecurity Risk Management company providing best-practice services across a broad spectrum of cyber scenarios for both government and commercial customers.

Digital Boundary Group (DBG)

Digital Boundary Group (DBG)

Digital Boundary Group (DBG) is an information technology security assurance services firm providing information technology security auditing and compliance assessment services to clients worldwide.

CloudDefense.AI

CloudDefense.AI

CloudDefense.AI is an industry-leading multi-layered Cloud Native Application and Protection Platform (CNAPP) that safeguards your cloud infrastructure and cloud-native apps,

Hive

Hive

Hive is a leading provider of cloud-based AI solutions to understand, search, and generate content, and is trusted by hundreds of the world's largest and most innovative organizations.

SITS Group

SITS Group

SITS Group excel in delivering a comprehensive range of Cyber Security consulting and managed services, from cloud transformation to risk management.