10 Million Likely Impacted by Data Breach at French Unemployment Agency


The personal information of roughly 10 million individuals was likely compromised in a data breach at French governmental unemployment agency Pole Emploi.

The agency, which registers unemployed individuals, provides them with financial aid, and helps them find new jobs, says it became aware of the incident just over a week ago.

The data breach, the agency says, was the result of a cyberattack on one of its service providers, and that no Pole Emploi system was affected.

According to Pole Emploi, the data compromised during the attack belongs to individuals who registered with the agency until February 2022, and includes names and social security numbers.

Other personal information, such as email addresses, phone numbers, passwords, and bank credentials were not affected.

“Although there is no risk on the compensation and support offered by Pole Emploi, nor on access to the personal space of pole-emploi.fr, Pole Emploi advises jobseekers to remain vigilant faced with any type of approach or proposal that could appear fraudulent,” a translation of the agency’s notification reads.

Pole Emploi also says it will notify all impacted individuals of the incident, but has not provided information on how many people might have been affected.

Advertisement. Scroll to continue reading.

According to cybersecurity firm Emsisoft, the data breach was the result of the May 2023 MOVEit hack, which has impacted roughly 1,000 organizations and more than 60 million people.

Data collected by Emsisoft from various sources shows that roughly 10 million individuals might have been affected by the Pole Emploi data breach.

LeParisien reports that the data breach involved customer experience management firm Majorel, which was responsible for the digitalization and processing of documents provided by job seekers.

Majorel has yet to respond to a SecurityWeek inquiry regarding the incident.

Related: University of Minnesota Confirms Data Breach, Says Ransomware Not Involved

Related: Tesla Discloses Data Breach Related to Whistleblower Leak

Related: Colorado Department of Higher Education Discloses Ransomware Attack, Data Breach



Source link