Young people’s data feared stolen in cyberattack on French government contractor

Avatar

France’s Ministry of Labor and Employment announced on Thursday that it discovered a cyberattack suspected to have impacted the data of young people it was helping get into employment.

According to the ministry’s statement, the attack directly impacted an unnamed service provider used by the department’s network of “Local Missions” — places that offer advice and support to people between the ages of 16 and 25 about work and training.

The attack is believed to have taken place last week, on the night of Wednesday October 23, said the ministry.

“Investigations are underway at the service provider to determine the origin of this event. The security of the information systems of the local missions network itself is not in question,” the statement added.

There is a risk that the incident could involve the disclosure of personal data for young people who have been registered with the ministry’s Local Missions system, including their full names, dates of birth, nationality, email and postal addresses, and phone numbers.

It did not state how many individuals were believed to have been affected, nor for how many years the Local Mission project’s records date back to. The program began in the 1980s.

“The bank details (IBAN), social security number and identity document of young people are not, however, affected by this malicious act.”

The statement added that although the technical investigation hasn’t been completed, and “measures aimed at strengthening the security of the information system” are yet to be fully implemented, it has taken several steps to address the breach.

The incident has been reported to France’s privacy regulator, the CNIL, and to France’s cybersecurity agency ANSSI, and a complaint has been filed with the country’s judicial authorities.

The young people affected by the cyberattack are being informed, and communications are also being made to, “where applicable, their legal representatives,” added the ministry.

Anyone who might be impacted has been cautioned to be “extremely vigilant regarding the risks of phishing (fraudulent emails, text messages or calls) or attempts at identity theft. We remind them to never communicate their password or bank details by telephone, text message or email.”

GovernmentCybercrimeNews
Get more insights with the

Recorded Future

Intelligence Cloud.

Learn more.

No previous article

No new articles

Alexander Martin

is the UK Editor for Recorded Future News. He was previously a technology reporter for Sky News and is also a fellow at the European Cyber Conflict Research Initiative.

 

Total
0
Shares
Previous Post

Los Angeles housing agency confirms another cyberattack after 2023 ransomware incident

Next Post

Stop LUCR-3 Attacks: Learn Key Identity Security Tactics in This Expert Webinar

Related Posts

Hacktivist Group Twelve Targets Russian Entities with Destructive Cyber Attacks

A hacktivist group known as Twelve has been observed using an arsenal of publicly available tools to conduct destructive cyber attacks against Russian targets. "Rather than demand a ransom for decrypting data, Twelve prefers to encrypt victims' data and then destroy their infrastructure with a wiper to prevent recovery," Kaspersky said in a Friday analysis. "The approach is indicative of a
Siva Ramakrishnan
Read More

Notorious Hacker Group TeamTNT Launches New Cloud Attacks for Crypto Mining

The infamous cryptojacking group known as TeamTNT appears to be readying for a new large-scale campaign targeting cloud-native environments for mining cryptocurrencies and renting out breached servers to third-parties. "The group is currently targeting exposed Docker daemons to deploy Sliver malware, a cyber worm, and cryptominers, using compromised servers and Docker Hub as the infrastructure
Avatar
Read More