French government agency breach may have exposed data on 340k jobseekers

News
By published

A second breach in as many years affected hundreds of thousands of people

Image Credit: Lolloj / Shutterstock (Image credit: Image Credit: Lolloj / Shutterstock)
  • France Travail breach could affects thousands
  • No threat actors assumed responsibility, and the data has not yet been abused
  • This is not the first time France Travail has been hit

France’s national employment agency has suffered a cyberattack in which threat actors allegedly accessed sensitive data on “hundreds of thousands” of people.

In a data breach notification letter, sent to affected individuals and seen by French local media, France Travail said the criminals accessed the data through Kairos, a digital platform mostly used by training organizations and employment counselors to manage professional training activities, including tracking course enrollment, validating funding requests, and monitoring job seeker progress.

Initial reports place the number of affected individuals at roughly 340,000, with the exposed data including full names, postal addresses, email addresses, phone numbers, and France Travail ID numbers.

Suspects arrested

While there is no evidence of abuse in the wild, this type of data is valuable for criminals looking to carry out identity theft or other activities.

Knowing the identities and contact information of people who were looking for work, threat actors can create convincing emails, inviting people to fake job interviews. Through these interviews, they can deploy all sorts of malware, or even ransomware.

Lazarus Group, for example, is famous for its Operation DreamJob campaign, in which it invites their targets to fake job interviews.

The good news is that financial information, such as banking data or credit card information, was not leaked. Still, France Travail urged all users to remain vigilant, and pay special attention to unsolicited emails.

According to Cybernews, this is not the first time France Travail suffered a cyberattack, as a March 2024 incident was significantly larger in scope, affecting 43 million individuals - more than two-thirds of the country’s entire population, making it the largest cyberattack in French history.

In the aftermath, three suspects aged 21 to 23 were arrested in connection to the attack. All three were based in France and allegedly impersonated Cap Emploi advisors to gain access. No known ransomware group has claimed responsibility, and the attack has not been formally attributed to any organized cybercriminal group.

You might also like

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.