This is another embarrassing episode for France Travail. According to RTLthe public body responsible for employment has confirmed that it has been the victim of a cyberattack, claimed by the hacker group called “Stormous”. The latter claim to have stolen 30 gigabytes of data and compromised more than 31,000 job seeker accounts.
A new leak confirmed by France Travail
The stolen data would be particularly sensitive: usernames, passwords, personal information (name, date of birth, address, telephone number, email address). Administrative documents are also in the trap: identity cards, bank identity statements, tax notices, Social Security certificates, employment contracts and training certificates.
France Travail recognizes that “ data was indeed extracted ”, while specifying that they are not yet able to “ confirm the volume of job seekers concerned, nor the nature of the data accessed “. Potentially affected people will be informed individually. All registrants and collaborators have already been alerted via a message on the organization’s website and intranet.
The attack would not directly target France Travail servers: the cybercriminals would rather have exploited identifiers stolen from the personal computers of job seekers.
According to the agency, “infostealer” viruses – malicious software capable of recovering connection data without the user’s knowledge – would have been used to infiltrate the servers. These tools are often downloaded accidentally through scam sites, booby-trapped ads, or infected email attachments. France Travail therefore invites its users “ to the greatest vigilance regarding the robustness and confidentiality of their passwords ».
This new incident adds to an already long series. In February 2024, a first major leak exposed the data of 43 million job seekers after advisor accounts were compromised. A few months later, in July, another intrusion on a partner portal endangered the information of 340,000 registrants.
This data was then used to carry out major phishing campaigns, particularly by SMS. Even before its transformation into France Travail, the former Pôle Emploi had already suffered a large-scale hack in 2022 affecting nearly 10 million users. With this new attack, it is the third confirmed leak in less than two years. A repetition which raises a lot of questions about the agency’s ability to protect the information of millions of French people, while cybercrime campaigns are increasing and becoming more sophisticated.
🟣 To not miss any news on the WorldOfSoftware, subscribe on Google News and on our WhatsApp. And if you love us, .
