France's national unemployment agency, France Travail (formerly Pôle emploi), has confirmed it was the target of a significant data breach. The agency stated that personal information of individuals registered with the service, both job seekers and those previously registered, may have been exposed.
According to official communications from France Travail and the French data protection authority, CNIL, the breach was detected in February 2024. The compromised data includes full names, dates of birth, social security numbers, France Travail identifiers, email addresses, and phone numbers. Passwords and banking details were not affected.
The CNIL has opened an investigation into the incident. Initial estimates from the hacker who claimed responsibility suggested up to 43 million records were stolen, a figure that aligns with France Travail's total number of registered individuals over recent years. The agency is urging vigilance against potential phishing attempts.
This incident follows a series of cyberattacks targeting French government services and underscores ongoing vulnerabilities in public sector data security. Authorities are advising affected individuals to monitor their accounts for suspicious activity.
