Millions of users may have had data leaked in new French government agency security breach

Zero-day attack
(Image credit: Shutterstock) (Image credit: Shutterstock.com)

A French government agency suffered a cyberattack which has apparently resulted in the country’s largest-ever data leak incident, affecting as many as 43 million victims.

The agency is called France Travail, the country’s unemployment registry and assistance organization, which helps find jobs for the unemployed, and provides them with financial aid. The organization was created in 2008, after ANPE and ASSEDIC merged, and currently counts roughly 45,000 employees. 

In a press release published earlier this week, the organization said it fell victim to a cyberattack in which sensitive data collected over the last 20 years was stolen. It warned the citizens to be wary of potential identity theft attacks, phishing attempts, and similar cyberattacks.

Motives unknown

BleepingComputer says that an estimated 43 million individuals were affected, making this the largest data leak incident in the country’s history, surpassing February’s 33 million attack on Viamedis and Almerys. The data that was stolen in this attack includes people’s full names, dates of birth, places of birth, social security numbers, France Travail identifiers, email addresses, postal addresses, and phone numbers. Financial, or payment data, was not stolen, it was added.

The attack was spotted in early March, and lasted almost a month, the agency confirmed. Besides the unemployed, the hackers also stole data from job candidates. 

France Travail did not say who the threat actors behind the incident are, or what their goals were. So, we don’t know if this was a ransomware attack, or just a data grab. No hacking collectives have yet assumed responsibility for the attack.

This is not the first time France Travail suffered a devastating cyberattack that resulted in data leaks. Last August, hackers made away with sensitive information on 10 million people. That attack was attributed to the Cl0p ransomware collective, which abused the MOVEit Transfer software vulnerability to breach the system.

More from TechRadar Pro

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.