Massive cyberattack affects 43 million French workers


The French governmental employment agency has announced a cyberattack during which hackers were likely to extract information about 43 million people – more than two-thirds of the total population.

French employment agencies France Travail and Cap Emploi announced on Thursday that they’ve fallen victim to an intrusion into their information systems.

The leaked personal data includes first and last names, Social Security numbers, employment agency France Travail identifiers, email and postal addresses, and telephone numbers, according to French data protection agency CNIL. Dates of birth were also leaked, according to Cap Emploi.

“This attack would have potentially allowed the extraction of data from 43 million users. This number, to be confirmed, concerns people currently registered on the list of job seekers or who have been registered over the last 20 years, as well as people with a candidate space (job seeker’s account) on francetravail.fr,” a CNIL statement reads.

According to authorities, malicious actors did not access passwords and banking details. However, agencies warn of cyberattackers trying to illegally exploit the data.

Currently, the affected individuals have no way of knowing if they were affected. They will be individually informed by France Travail in the coming days.

“The Paris public prosecutor's office has already opened an investigation, and people wishing to file a complaint are invited to do so,” said CNIL.

French authorities warn of the possibility that hackers will couple this leak with information from previous leaks. CNIL advises citizens to be particularly vigilant regarding messages (SMS, emails) that they may receive, particularly if they’re invited to carry out an emergency action, such as a payment. Users should not share passwords or banking details.

“Vigilance is therefore required in the coming days, but also and above all in the longer term.”

The announcement follows reports of a massive cyber attack on French authorities earlier this week, when numerous DDoS attacks, carried out by malicious actor Anonymous Sudan, temporarily disrupted numerous governmental websites.


More from Cybernews:

Voyager probes beam back universe’s puzzle pieces, NASA scientist says

Loophole enables data brokers to bypass GDPR

Meet Devin, Cognition’s fully autonomous AI software engineer

Akira’s breach of Nissan impacts 100K people

US gov opens probe into UnitedHealth hack as systems come back online

Subscribe to our newsletter



Leave a Reply

Your email address will not be published. Required fields are markedmarked