The French government employment agency Pôle emploi suffered a data breach and is notifying 10 million individuals impacted by the security breach.
At the end of last week, the agency was informed of the compromise of the information system of one of its service providers. The press release published by the agency states that its information systems are not impacted.
“In accordance with its obligations under the General Data Protection Regulation (GDPR), Pôle emploi has notified the CNIL today. The establishment will also file a complaint with the judicial authorities.” reads the press release published by the agency. “Jobseekers registered in February 2022 and former users of Pôle Emploi are potentially affected by this theft of personal data.”
The security breach exposed the surname and first name and social security number of the impacted individuals. Email addresses, phone numbers, passwords and financial data are not exposed.
The agency recommends job seekers remain vigilant on any potential fraudulent activity, it also added that there is no risk on the compensation and support offered by the agency, nor on access to the personal space of pole-emploi.fr.
At this time the Clop ransomware group has yet to publish any data from the French agency.
(SecurityAffairs – hacking, data breach)