The Caisse des Dépôts has just suffered a cyberattack. The public financial institution indicates that login credentials relating to several public employers "were subject to fraudulent use". In short, cybercriminals used compromised credentials to penetrate the computer system.
As the Caisse des Dépôts explained to Franceinfo, these are the login credentials of a platform that allows employers to easily fulfill their reporting obligations to pension plans, such as Ircantec or CNRACL.
These are the credentials that allowed the cybercriminals to carry out the operation. As always, compromised data leads to the theft of other personal data. This is a simple credential stuffing attack, believes Clément Domingo, a cybersecurity researcher. This common practice in the cybercriminal world consists of using stolen identifiers (usernames and passwords) from a platform to try to access other accounts on various online services.
For the moment, it is unknown how the attackers got their hands on the login identifiers at the origin of the cyberattack. They may have been purchased on black markets or collected by viruses.
70,000 people affected
Once in the infrastructure, the hackers were able to consult the personal data of 70,000 people affiliated with Ircantec, a mandatory supplementary pension scheme in France, which is managed by the Caisse des Dépôts. The victims are "contractual agents of the State, territorial and hospital civil service, local elected officials or hospital practitioners", reports Franceinfo. In detail, there are 1,000 elected officials among the individuals whose personal information was compromised.
Among the stolen data, there is the social security number, first and last names, date, city and department of birth. On the other hand, "banking data, passwords, email addresses and telephone numbers are not affected by this computer attack".
Unsurprisingly, the Caisse des Dépôts alerted all members affected by the leak by email. Moreover, the institution assures that it has taken "the necessary measures to remedy the data breach and limit the negative consequences for members". For example, malicious connections have been blocked, and the creation of new accounts is subject to new precautions.
The Caisse des Dépôts has notified all of its partners "so that they can set up or adjust their alert systems in the event of abnormal activity in their data processing". A complaint has been filed and the National Commission for Information Technology and Civil Liberties (CNIL) has been notified within the allotted time, as required by the General Data Protection Regulation (GDPR).
As feared, cyberattacks continue to occur one after the other in France. In recent weeks, several French companies have been victims of data theft, including Chronopost, Thermomix and Kiabi.
Source: Franceinfo
0 Comments