According to Bleeping Computer, Pôle emploi, France’s governmental unemployment registration and financial aid agency, is informing of a data breach that exposed data belonging to 10 million individuals.
“Pôle emploi became aware of the violation of the information system of one of its providers involving a risk of disclosure of personal data of job seekers,” reads the press release. “Job seekers registered in February 2022, and former users of the job center are potentially affected by this theft of personal data.”
Although the agency does not specify the number of impacted individuals, Le Parisien reports an estimate of 10 million people to be impacted. The exposed information includes full names and social security numbers, while email addresses, phone numbers, passwords, and banking data have not been affected by this data leak. Although the exposed data has limited utility in cybercrime operations, Pôle emploi advises registered job seekers to be cautious with incoming communications.
Commentary by Thomas Uhlemann, Security Specialist at ESET:
MOVEit supply-chain-attack don’t seem to stop and we will likely be talking about in retrospect as one of the biggest hacks of 2023. In this specific case the impact impact on the people whose data was stolen might be limited, though. First, not too much individual personal data has been stolen, although valid names and social security numbers do have their fair value on the dark web marketplaces, especially when it’s millions of entries as in this case. Second, the Clop ransomware gang announced not to use data they’ve obtained from government entities. However, we’re talking about cybercriminals here and there’s no reason to ever trust gangsters to keep their promises.
There are two key learnings of this attack:
- it is evident that the Clop gang didn’t have specific targets in mind but rather knew that MOVEit was so globally widedspread that it guaranteed the attackers successful breaches, including a big ones like in this case.
- no network is to be considered “automatically safe”, just because it is run by a government institution or a big corporation. Despite Pôle emploi advising their users to login normally, we strongly recommend everyone to exchange their passwords to strong passphrases.
Operators of networks dealing with customer data in general should employ strong measures, such as a strict zero-trust-policies in order to prevent data breaches and limit their impact in case they occur.
ESET Ireland 