A new cyber attack on a government body, Fance Travail (formerly Pôle Emploi), revealed on Wednesday that it had been targeted by computer hackers, with “a risk of disclosure” of personal data “potentially” affecting 43 million people. What do we know about this attack? What are the risks?
The personal data of France Travail and Pôle emploi users over the past twenty years may have been intercepted, here’s what we know.
What happened?
We learned on Wednesday that the public site France Travail (formerly Pôle Emploi), containing the personal data of all French job seekers, was the target of a large-scale computer attack. Another attack also targeted Cap emploi (organization responsible for finding work for the disabled), but this one is “a priori not at all linked” to the attack that has targeted several ministries since Sunday evening, France Travail told AFP.
The operation began with “impersonating advisors,” said the operator, who then “noticed suspicious requests.” According to cybermalveillance.gouv.fr, a national support system for victims of cybermalveillance, the attack took place “between February 6 and March 5” and was subsequently detected by France Travail.
Who’s worried?
The public operator indicated in a press release that “the database allegedly illegally extracted contains the personal identification data of people currently registered” as job seekers. But also “people who have previously registered in the last 20 years, as well as people who are not registered on the list of job seekers but have a candidate space on francetravail.fr”. “It is therefore possible that the personal data of millions of people has been exfiltrated,” France Travail added.
Do we know the perpetrators of the attack?
We now know that the massive attack on various ministries last weekend was sponsored by a pro-Russian hacker group called “Anonymous Sudan”. The attack on France Travail and Cap Emploi would have no connection with this show of force; the identities of the hackers behind the attack are currently unknown.
What is the point of this kind of hacking?
The attack would have made it possible to obtain the names, first names, dates of birth, social security numbers, France Travail identification data, addresses (email and postal) and telephone numbers of almost 43 million people. Bank details have not been compromised, so there is no immediate risk regarding compensation. However, the stolen data can be sold and bought back by scammers to take money from their victims.
“Although, according to the information currently known to the CNIL, the data breach does not involve passwords or banking details, it is possible that the data that was the subject of the breach could be linked by malicious actors to other information from previous data breaches,” warns the organisation.
The organization therefore recommends “to be particularly vigilant with regard to messages received (SMS, emails)”, especially if they invite “to carry out an emergency action, such as a payment”, and to ensure that you have passwords that are ‘sufficiently robust’ or to “periodically monitor the activities and movements” on their various accounts.
And now?
“A preliminary investigation was opened by the Paris Public Prosecutor’s Office and entrusted to the Cybercrime Brigade of the Paris Judicial Police, which has set up a simplified complaints system for the people involved,” the press release said. the Paris prosecutor’s office.
France Travail plans to inform job seekers identified as potential victims “through their personal space or by email”. “A dedicated information system will also be available via the 3949 telephone platform in the coming hours to support anyone who needs it.”