Data Breach at French Government Agency Exposes Info of 10 Million People
France has experienced a significant data breach that has deeply affected the country. A government agency has observed a staggering security failure, exposing the personal and confidential details of around 10 million individuals. Due to data security and privacy concerns, government officials and cybersecurity experts are taking action.
Personal information of about 10 million job seekers is now being sold on the dark web. It happened because of a data breach at Pole Emploi, the respected French government employment agency.
This week, a stunning revelation emerged from multiple French media sources. The French government employment agency was targeted by a cyberattack, leading to unauthorised access and compromise of the personal information of 100 million jobseekers.
French media warns people to be proactive and vigilant against identity theft and fraud.
No impact on financial aid programs
The information that has been made public contains complete names and social security numbers. The data breach of this incident did not affect your email addresses, phone numbers, passwords, or banking data. Pôle emploi advises job seekers to be cautious with incoming communications, even though the exposed data is not helpful for cybercrime. The agency has created a unique phone support line for people affected by the incident. They can call for help and to discuss any concerns they have.
According to Pôle emploi, their entire workforce is currently focused on safeguarding the personal information of job seekers, and they are committed to implementing further measures and procedures to ensure that such incidents do not happen again.
Top cybersecurity experts have unearthed a breach that vividly illustrates the vulnerability of personal data in this digital era. On August 8th, a well-known hacker famous for trading hacked databases released new data. Damien Bancal, a respected cybersecurity expert at Zataz.com, reported this information. The hacker is asking for $900 for the data they stole, and they even gave samples to attract buyers.
Pole Emploi warned job seekers about a cyber attack on its service provider, Majorel. An urgent investigation for the breach is conducted, centred around allegations of fraudulent access and manipulation within an automated data processing system.
Statements by authorities
Pole Emploi said the leaked data was about people who registered in February 2022 or stopped registering within the last 12 months. It could affect up to 10 million individuals. This incident is connected to a large-scale cyber attack campaign in May, affecting numerous organisations globally.
Clement Domingo emphasized that the cyber attack effectively targeted the weaknesses in the software utilized by Majorel, the service provider of Pôle emploi. The recent episode, attributed to the notorious Clop group, impacted more than 500 organisations globally. In addition to ING, Deutsche Bank, and Commerzbank, other well-known financial institutions were affected.
On its MOVEit page, Emsisoft listed Pôle emploi as the service provider responsible for the leak. It also confirmed that 10 million people were affected.
Despite the massive MOVEit hack, the Clop ransomware gang still needs to publish the French agency. Threat actors previously said they wouldn’t expose information gathered from government breaches so this tactic may explain the omission.
The MOVEit campaign has impacted 59.2 million compromised individuals and 988 organizations, meaning the impact of Pôle emploi is only second to Maximus’ 11 million exposures.