French Unemployment Agency Reports Data Breach Affecting 10 Million People

Reading Time: ( Word Count: )

August 27, 2023
Nextdoorsec-course

Pôle emploi, the French state-run agency overseeing unemployment registration and support, has announced a significant data breach that potentially put at risk the personal data of 10 million individuals.

The agency said in a statement, “A breach in the information system of one of our service providers has led to potential unauthorized access to the data of those seeking employment.”

Individuals who registered with the agency in February 2022, as well as some past users of the service, are believed to be at risk due to this unauthorized data access.

Although Pôle emploi has not given an exact number of affected users, estimates from Le Parisien suggest that up to 10 million people might be affected. This is deduced from the 6 million registrations at Pôle emploi’s 900 centers by February 2022 and an additional 4 million from the year before, whose data remained on the system.

Also Read: Telegram-Based Phishing Operations Target E-commerce Users

The breached data comprises individuals’ full names and social security numbers. However, other details like email addresses, phone numbers, passwords, and banking information remain unaffected.

While the data exposed may not be particularly valuable for cybercriminal activities, Pôle emploi is urging its users to exercise caution with any unsolicited communications. The agency has also introduced a dedicated helpline for affected users to address their queries related to the breach.

The agency assures that they are taking all necessary steps to safeguard user data and further reinforce their cybersecurity measures to fend off future attacks.

Users should note that this breach does not affect Pôle emploi’s financial support programs. They can continue accessing the official employment portal at “pole-employment.fr” with their existing passwords.

Emsisoft, a security research firm, has identified Pôle emploi among those affected on its MOVEit page and confirmed the 10 million impacted figure. Interestingly, the Clop ransomware group, known for a broad MOVEit hacking campaign, hasn’t listed the French agency on its shaming site. They had previously claimed not to release data from government breaches, making the current situation ambiguous.

In the MOVEit hacking spree’s overall impact, Pôle emploi is second only to Maximus, which had 11 million users exposed. The overall damage from the MOVEit campaign now stands at a staggering 59.2 million people and 988 institutions.

Saher Mahmood

Saher Mahmood

Author

Saher is a cybersecurity researcher with a passion for innovative technology and AI. She explores the intersection of AI and cybersecurity to stay ahead of evolving threats.

Other interesting articles

Automated vs Manual Penetration Testing

Automated vs Manual Penetration Testing

Pentesting is largely divided into two methodologies: Automated vs Manual Penetration Testing. Both have ...
8 Steps in Penetration Testing You Should Know

8 Steps in Penetration Testing You Should Know

Mastering the art of penetration testing has become a critical ability for security experts to combat cyber ...
Spear Phishing vs Whaling: What is the Difference

Spear Phishing vs Whaling: What is the Difference

Spear phishing is a particularly devious type of phishing assault in which the individual targeted plays a ...
0 Comments

Submit a Comment

Your email address will not be published. Required fields are marked *