A new wave of cyberattacks is hitting France. In the last few days, two French sports federations have found themselves in the sights of cybercriminals, reports researcher Clément Domingo.
Hack of the French Archery Federation
First, it was the French Archery Federation that was the victim of a cyberattack. The organization warned its members by email of a large-scale leak of personal information. By exploiting a security flaw, cybercriminals exfiltrated the data of 77,256 people.
Among the compromised data are names, first names, dates of birth, email addresses, postal addresses, genders, and profile pictures. The leak was caused by "a security breach at our service provider in charge of licensing and management spaces for several sports federations", according to the French Archery Federation.
In fact, we can expect other federations to be affected in the near future. According to Clément Domingo, we can legitimately fear a "rebound in the coming days in other sports federations in France". As always, vulnerabilities have a domino effect when it comes to personal data. All it takes is for one service provider to falter for
In the press release, the federation assures that "the origin of the hack has been identified and blocked, and the malicious file neutralized". Hackers can no longer exploit the vulnerability to steal data.
Hacking of the French Mountain and Climbing Federation
Shortly after, the French Mountain and Climbing Federation (FFME) made a similar announcement. The federation warned 120,000 members of a theft of personal data. Here again, it was the names, first names, dates of birth, email addresses, postal addresses, identifiers, and telephone numbers of French people that were compromised.
The organization specifies that other federations have also suffered "computer attacks with data extraction". The federation relies on the same IT service provider as the French Archery Federation. The announcement of the data leak is therefore not a surprise. This is proof that leaks and other intrusions will multiply in the near future.
The federation indicates that the CNIL (National Commission for Information Technology and Civil Liberties) has been notified of the incident, in accordance with current French legislation. It is not known whether the CNIL, which plans to increase the number of checks, will look into the security measures implemented by the federation.
As the researcher explains, data leaks continue to occur in France at the beginning of the year. Intrusions are multiplying in the same way as at the end of last year. The first part of January was also marked by a flurry of attacks against French brands, including Kiabi and Showroomprivé. Will the rest of the month be the scene of cyberattacks against sports federations in France? Whatever happens, we recommend that all Internet users exercise extra caution...
0 Comments