Security News

A French government department - responsible for registering and assisting unemployed people - is the latest victim of a mega data breach that compromised the information of up to 43 million citizens. "The database allegedly extracted illicitly contains the personal identification data of people currently registered, people previously registered over the last 20 years as well as people not registered on the list of job seekers but having a candidate space on francetravail.fr," the statement reads, which was translated electronically from French.

France Travail has informed the country's data protection agency, the National Commission of Informatique and Liberties, which stated that up to 43 million people may be impacted. This data increases the risk of identity theft and phishing for the exposed individuals, so the agency recommends potentially impacted people to be particularly vigilant with emails, phone calls, and SMS they receive.

Several French government websites have been disrupted by a severe distributed denial of service attack. A statement from prime minister Gabriel Attal's office acknowledged that some sites were in trouble as of Sunday night, and mentioned conventional attacks of unprecedented intensity.

Nearly half the citizens of France have had their data exposed in a massive security breach at two third-party healthcare payment servicers, the French data privacy watchdog disclosed last week.Payments outfits Viamedis and Almerys both experienced breaches of their systems in late January, the National Commission on Informatics and Liberty revealed, leading to the theft of data belonging to more than 33 million customers.

French healthcare services firm Viamedis suffered a cyberattack that exposed the data of policyholders and healthcare professionals in the country. Though the company's website remains offline at the time of writing, an announcement was posted on LinkedIn warning of the data breach.

French authorities arrested a Russian national in Paris for allegedly helping the Hive ransomware gang with laundering their victims' ransom payments. "New arrest in the Hive ransomware affair: after the international search in January to dismantle this network of hackers constituting a serious threat, the Judicial Police arrested in Paris an individual suspected of having laundered money from these cyber attacks," the French National Police said.

Prime Minister of France Élisabeth Borne signed a circular last week requesting all government employees to uninstall foreign communication apps such as Signal, WhatsApp, and Telegram by December 8, 2023, in favor of a French messaging app named 'Olvid. BleepingComputer discussed the development with French journalists, who clarified that this isn't a ban on using foreign messaging apps but rather a recommendation to switch to locally developed software.

Pôle emploi, France's governmental unemployment registration and financial aid agency, is informing of a data breach that exposed data belonging to 10 million individuals. Although the agency does not specify the number of impacted individuals, Le Parisien reports an estimate of 10 million people to be impacted.

French police should be able to spy on suspects by remotely activating the camera, microphone and GPS of their phones and other devices, lawmakers agreed late on Wednesday, July 5. Covering laptops, cars and other connected objects as well as phones, the measure would allow the geolocation of suspects in crimes punishable by at least five years' jail.

Cybersecurity researchers have exposed the workings of a scam ring called CryptosLabs that's estimated to have made €480 million in illegal profits by targeting users in French-speaking individuals in France, Belgium, and Luxembourg since April 2018. The syndicate's massive fake investment schemes primarily involve impersonating 40 well-known banks, fin-techs, asset management firms, and crypto platforms, setting up a scam infrastructure spanning over 350 domains hosted on more than 80 servers, Group-IB said in a deep-dive report.