2023-08-25 20:24:44
The personal data of more than 10 million job seekers is on sale on the “dark web” for just $900, after a Pôle Emploi service provider was hacked, several cyber experts confirmed on Friday. Like the hospitals of Versailles, Corbeil-Essonnes or Rennes, or even the municipalities of Lille and Marseille, it is the turn of Pôle emploi to have been the target of hackers, after a leak revealed this week by the organization.
“A well-known hacker, a specialist in the sale of databases that he hacks or buys, put up for sale on August 8 a Pôle emploi database dated 2022, of 10.2 million users, which he sells for $900,” said Damien Bancal of Zataz.com, a top data theft reporting expert. To attract customers, the hacker even released samples.
Cybersecurity expert Clément Domingo, alias @_SaxX_ on X (formerly Twitter) also reports the sale of this data for $900 on a hacker forum. “On August 8 we found a first database, it was updated with much more information on the 21st,” he added.
“Do not hesitate” to consult your adviser “in case of doubt”
An investigation has been opened by the cybercrime section of the Paris public prosecutor’s office for fraudulent introduction and maintenance in an automated data processing system.
Pôle emploi called job seekers on Wednesday to vigilance, after “an act of cybermaliciousness” of which one of its service providers, the Majorel company, was the victim. The organization had claimed that this data leak concerned “people registered in February 2022 and people who had ceased registration for less than 12 months, i.e. potentially 10 million people”.
“The February 2022 file that we were able to identify and which allowed us to trace the service provider who was the victim of this cybermalicious act contains the surname, first name, and NIR (social security number). No other sensitive information (email, telephone or bank details) is included in this file. Our service provider does not have this information, “said the general management of Pôle emploi on Friday.
The organization calls on users to “the greatest vigilance” and “not to hesitate to contact their adviser or to call 39 49 in case of doubt”.
“A vast campaign of cyberattacks following software piracy”
“In May, there was a vast campaign of cyberattacks following the hacking of software used by this Pôle Emploi service provider. A global flaw was used by these malicious actors – the Clop group – to affect more than 500 organizations around the world, including Pôle Emploi”, specifies Clément Domingo. ING, Deutsche Bank and Commerzbank were also targeted, notes Damien Bancal
Other cybercriminals can buy this data on the “dark web” – the underground area of the internet – for example to launch more effective phishing campaigns. With a social security number, you can send its owner a credible SMS asking him to update his Vitale card.
The objective is to trick the victim into clicking on a malicious link, which for example installs software on their computer that encrypts their files, then demands a ransom to unlock them. Medical data makes it possible to exercise blackmail, tax data to have money sent for an imaginary tax reminder, etc. Worse still, a complete identity data set allows identity theft, for example to open an online bank account or send traffic tickets to a stranger.
By November 2024, the European directive NIS2 will force thousands of companies and administrations to strengthen their cybersecurity.
#Cyberattack #Pôle #emploi #service #provider #data #million #users #sale #dark #web