2024-03-20 02:01:30
After this attack on an unprecedented scale, the reaction was quick. Three people were arrested this Tuesday, announced the Paris prosecutor’s office, six days after the large-scale cyberattack which affected France Travail. They were indicted on Tuesday for fraudulent access and maintenance in an automated data processing system, extraction of this data, and fraud, all as part of an organized gang. They were immediately placed in pre-trial detention.
More than 43 million pieces of data were hacked during this major cyberattack. The prosecution requires the placement in pre-trial detention of these three people, born in November 2001 in Yonne, in September 2000 and September 2002 in Ardèche.
The data affected by the hacking was numerous: surnames, first names, social security numbers, identifiers, e-mail and postal addresses as well as telephone numbers of the beneficiaries, the National Commission for Information Technology and Liberties indicated in a press release ( Cnil). However, the passwords and banking details had not been leaked.
Searches confirm fraudulent activity for some
“From the first elements identified by France Travail, it emerged that between February 6 and March 5, Cap Emploi agent accounts, authorized to access the resources present on the France Travail information system, had been used to proceed to the downloading of data from the job seekers database estimated at 43 million pieces of personal data,” writes Paris prosecutor Laure Beccuau in her press release released on Tuesday.
“Technical and telephone investigations made it possible to identify three suspects. The searches carried out at their homes and on their computer equipment confirmed for some of them fraudulent activity using the phishing technique,” she continues.
The investigation continues and does not stop with these three arrests, specifies the prosecution. The investigations now aim to “search for possible other actors and assess the share of responsibility of each”.
Call for “vigilance”
The day after the cyberattack, the CNIL provided “advice to protect yourself”. The organization recommended in particular “being particularly vigilant with regard to messages (SMS, emails)” received, particularly if they invite “to carry out an emergency action, such as a payment”, ensuring that you have “sufficiently robust” passwords or to “periodically check activities and movements” on its various accounts.
“Although, according to the information of which the CNIL is currently aware, the data leak does not concern passwords or banking details, it is possible that the data which was the subject of the violation is coupled, by malicious actors, to other information from previous data leaks,” the organization warned, calling for “vigilance.”
#France #Travail #people #arrested #indicted #largescale #computer #hacking