Gandalf_The_Grey
Level 83
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
- Apr 24, 2016
- 7,253
Pôle emploi, France's governmental unemployment registration and financial aid agency, is informing of a data breach that exposed data belonging to 10 million individuals.
"Pôle emploi became aware of the violation of the information system of one of its providers involving a risk of disclosure of personal data of job seekers," reads the press release.
"Job seekers registered in February 2022, and former users of the job center are potentially affected by this theft of personal data."
Although the agency does not specify the number of impacted individuals, Le Parisien reports an estimate of 10 million people to be impacted.
This is based on the fact that 6 million people had registered in one of Pôle emploi's 900 job centers by February 2022, and another 4 million had done so in the previous 12 months prior to the attack, but their data hadn't been deleted from the agency's systems yet.
As for the service provider responsible for the data leak, security firm Emsisoft listed Pôle emploi in its MOVEit page. The cybersecurity company also confirmed that 10 million people were impacted.
However, the Clop ransomware gang that carried out the massive MOVEit hacking spree has not yet published the French agency on its extortion site.
Previously, the threat actors said they would not expose information obtained from breaches in government agencies, so it's unclear if the omission is due to this tactic.
Pôle emploi stands second in terms of the number of impacted individuals, only behind Maximus' 11 million exposure, while the total tally of the MOVEit attack campaign has reached 59.2 million compromised individuals and 988 organizations.
Data breach at French govt agency exposes info of 10 million people
Pôle emploi, France's governmental unemployment registration and financial aid agency, is informing of a data breach that exposed data belonging to 10 million individuals.
www.bleepingcomputer.com