A hacker stole credentials from a single government official and gained access to data from 1.2 million French bank accounts, according to the country’s Economy Ministry. Yes, it was that simple, and even though authorities are calling for calm, the pilfered information could indeed be used in extremely targeted cyberattacks.
-
A hacker used stolen credentials from a single government official to access sensitive data on 1.2 million accounts in France’s critical FICOBA database, highlighting how a basic lapse like missing multi-factor authentication can trigger massive breaches.
-
The incident adds to a growing wave of cyberattacks hitting French institutions – including France Travail and the French Interior Ministry – raising concerns about systemic underinvestment in cybersecurity.
-
Although officials say no funds or transactions were accessed, the exposed personal and tax data could fuel highly targeted phishing, fraud, and identity theft campaigns against French banking customers.
“What is currently happening in the French digital space is very serious. We really feel like a sieve,” one French cybersecurity professional recently complained on X.
Indeed, this now looks like an epidemic: not a day passes without an announcement about a fresh attack on French institutions or companies.
For instance, France Travail, an unemployment agency, recently had the personal data of nearly 37 million job seekers leaked, and just before Christmas, France’s national postal service and its banking arm were knocked off by a suspected cyberattack.
That same month, the French Interior Ministry announced that threat actors had compromised their email servers. Hackers soon said that data from 16 million individuals had been exposed.
Most of the time, it seems like chronic underinvestment in the best cybersecurity practices has been at fault. This appears to be the case again.
According to Le Monde, the Economy Ministry said that an unknown hacker has been using stolen credentials of a single government official to access and consult “parts of the file of all of the accounts open in French banks which contains personal data such as bank account numbers, name of the account holder, address, and in certain cases, the account owner’s tax number.”
The aforementioned French cyber pro didn’t mince his words. On X, he said: “Once again, a civil servant was tricked, and their credentials were stolen… The reason? No Multi-Factor Authentication…”
This isn’t an ordinary breach, either. None other than France’s FICOBA database, one of the country’s most critical financial surveillance systems, seems to have been compromised.
FICOBA, which stands for “Fichier des Comptes Bancaires et Assimilés” (File of Bank Accounts and Similar), serves as a centralized repository that allows French tax authorities and other government agencies to monitor banking relationships and combat financial crimes such as money laundering.
Have thoughts about this topic? Others do, too. Join them in the discussion.
The system contains information on all bank accounts opened in French financial institutions: IBANs, tax identification numbers for each account holder, and more.
And yes, officials say the breach cannot possibly result in access to account balances or transactions, and that the threat actor – it’s unclear who they are – was blocked. Data can’t be removed, they stress.
None other than France’s FICOBA database, one of the country’s most critical financial surveillance systems, seems to have been compromised.
However, according to Cybernews researchers, information that the FICOBA database contains could be leveraged by cybercriminals to enhance targeted attacks against financial institutions and their customers.
“While it is true that from this data alone, account balances cannot be checked and bank operations cannot be performed, it still poses risks,” said our researchers.
“Exposed PII, such as names and addresses, can be combined with other leaked data to profile people and construct convincing phishing campaigns that can pose as the national bank.”
Combined with tax identification numbers, this also increases the risk of fraud and identity theft, since these numbers can be used as identifiers on government platforms.
Unlock more exclusive Cybernews content on YouTube.
Your email address will not be published. Required fields are markedmarked