Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Data Breaches

10 Million Likely Impacted by Data Breach at French Unemployment Agency

The personal information of roughly 10 million individuals might have been compromised in a data breach at French unemployment agency Pole Emploi.

The personal information of roughly 10 million individuals was likely compromised in a data breach at French governmental unemployment agency Pole Emploi.

The agency, which registers unemployed individuals, provides them with financial aid, and helps them find new jobs, says it became aware of the incident just over a week ago.

The data breach, the agency says, was the result of a cyberattack on one of its service providers, and that no Pole Emploi system was affected.

According to Pole Emploi, the data compromised during the attack belongs to individuals who registered with the agency until February 2022, and includes names and social security numbers.

Other personal information, such as email addresses, phone numbers, passwords, and bank credentials were not affected.

“Although there is no risk on the compensation and support offered by Pole Emploi, nor on access to the personal space of pole-emploi.fr, Pole Emploi advises jobseekers to remain vigilant faced with any type of approach or proposal that could appear fraudulent,” a translation of the agency’s notification reads.

Pole Emploi also says it will notify all impacted individuals of the incident, but has not provided information on how many people might have been affected.

Advertisement. Scroll to continue reading.

According to cybersecurity firm Emsisoft, the data breach was the result of the May 2023 MOVEit hack, which has impacted roughly 1,000 organizations and more than 60 million people.

Data collected by Emsisoft from various sources shows that roughly 10 million individuals might have been affected by the Pole Emploi data breach.

LeParisien reports that the data breach involved customer experience management firm Majorel, which was responsible for the digitalization and processing of documents provided by job seekers.

UPDATE: Responding to a SecurityWeek inquiry, Majorel said that the incident was not related to the MOVEit hack and that no other customer was affected.

“We are currently working very closely with Pôle Emploi on the data issue they have reported. Naturally, data security is one of our top priorities and our specialist teams are fully engaged on this matter to support Pôle Emploi. After Pôle Emploi notified us of the issue, an investigation was immediately launched which is still ongoing. In the meantime, we can confirm that this topic only relates to Tech & Expert services (the management and digitization of documents) we provide to Pôle Emploi in France and that no other clients, services, systems, or countries are impacted,” a Majorel spokesperson said.

Related: University of Minnesota Confirms Data Breach, Says Ransomware Not Involved

Related: Tesla Discloses Data Breach Related to Whistleblower Leak

Related: Colorado Department of Higher Education Discloses Ransomware Attack, Data Breach

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join security experts as they discuss ZTNA’s untapped potential to both reduce cyber risk and empower the business.

Register

Join Microsoft and Finite State for a webinar that will introduce a new strategy for securing the software supply chain.

Register

Expert Insights

Related Content

Data Breaches

OpenAI has confirmed a ChatGPT data breach on the same day a security firm reported seeing the use of a component affected by an...

Cybercrime

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Data Breaches

LastPass DevOp engineer's home computer hacked and implanted with keylogging malware as part of a sustained cyberattack that exfiltrated corporate data from the cloud...

Data Breaches

A group of hackers has leaked Atlassian employee records and floorplans, information that was obtained from third-party workplace platform Envoy.

Data Breaches

GoTo said an unidentified threat actor stole encrypted backups and an encryption key for a portion of that data during a 2022 breach.

Data Breaches

AT&T is notifying millions of wireless customers that their CPNI was compromised in a data breach at a third-party vendor.

Data Breaches

KFC and Taco Bell parent company Yum Brands says personal information was compromised in a January 2023 ransomware attack.

Cybercrime

Instant Checkmate and TruthFinder have disclosed data breaches affecting a total of more than 20 million users.