Total Tests:

Hackers steal personal data of 43 million French job seekers

By Emma Woollacott for IT PRO
Friday, March 15, 2024

The attack hasn't yet been claimed, nor the data leaked. An initial investigation suggests the attackers are believed to have gained access in early February by impersonating a Cap Emploi civil service officer.

Dr Ilia Kolochenko, CEO at ImmuniWeb and adjunct professor of cyber security at Capital Technology University, said the timeframe of the breach is a particular point of concern, with the intrusion reportedly lasting around a month.

“Exfiltration of 43 million records is a quite 'noisy' event that should have normally been detected much faster," Kolochenko said. "While other technical details of the data breach remain unknown for the time being, it is perfectly conceivable that hackers could stealthily stay inside for the entire month, compromising and backdooring other internal systems with more sensitive data.

“Even if the currently disclosed scope of the data breach is eventually confirmed, the already compromised data can – and quite probably will – be exploited in spear phishing, account takeover and other cyberattacks against the concerned individuals."

CNIL is warning those affected to remain vigilant over the potential threat of phishing attacks, and has advised at-risk individuals to avoid opening suspect email attachments or sharing passwords and banking details. Read Full Article

Book a Call Ask a Question
Talk to ImmuniWeb Experts
ImmuniWeb AI Platform
Have a technical question?

Our security experts will answer within
one business day. No obligations.

Have a sales question?
Tel: +41 22 560 6800 (Switzerland)
Tel: +1 720 605 9147 (USA)
Your data will stay private and confidential