A recent data breach at France’s government unemployment agency could impact as many as 43 million people, authorities announced this week.
The affected agency, France Travail, formerly known as Pole Emploi, was targeted in a cyberattack that resulted in the theft of personal information between February 6 and March 5, 2024, according to the country’s Cybermalveillance cybercrime prevention initiative.
The attackers may have exfiltrated information belonging to job seekers, including name, date of birth, social security number, agency-specific identifier, email and postal address, and phone number. Passwords and financial information were not compromised.
In a statement published on Wednesday, France Travail said the compromised database stores the information of individuals who are currently registered with the agency to find a job, those who registered over the past 20 years, as well as people who only created an account on its website.
The total number of individuals whose data has been exfiltrated could be as high as 43 million, France Travail said.
Impacted individuals are being notified and urged to be on the lookout for any cybercriminal activity that may leverage the compromised data or the incident.
It’s unclear if France Travail was the target of a ransomware group. No known cybercrime gang appears to have taken credit for the attack.
This is not the first significant data breach involving the unemployment agency. In August 2023, the organization disclosed an incident that reportedly resulted in the personal information of roughly 10 million people being compromised.
Another major data breach impacting people in France was disclosed last month, when the country’s data protection agency announced investigating incidents at Viamedis and Almerys, which manage third-party healthcare payments. The incident is believed to affect 33 million individuals, roughly half of France’s population.
The French government said recently that several of its services had been targeted by cyberattacks of “unprecedented intensity”.
Related: UK, France Host Conference to Tackle ‘Hackers for Hire’
Related: France Fines Yahoo 10 Mn Euros Over Cookie Abuses
Related: European Telecommunications Standards Institute Discloses Data Breach
