For once, the banking sector has been affected. The leak, which occurred last month, compromised the personal data of certain clients of MAIF and the Banque Populaire-Caisse d'Epargne group (BPCE). The cause was an intrusion into the databases of the company Harvest, which specializes in creating software for wealth management and financial services.
An attack more massive than it seems
While the name Harvest doesn't mean anything to you, the company is nevertheless a major player in the French financial landscape. The attack, orchestrated by ransomware, temporarily paralyzed its services, affecting many banking institutions that used its services. Once the service provider was compromised, the hackers were finally able to attack its customers.
In a press release, MAIF indicated that the data of some of MAIF Solutions Financières' customers and prospects had been compromised. This included civil status, marital status, and professional status, but no passwords, identity documents, or identity statements (RIB). The BPCE group specified that only information relating to a small group of customers was compromised, including the unique identifier of certain securities accounts, and the total amount of assets held in these accounts.
What are the risks if you are affected?
No surprise if you are a customer of one of the affected banking establishments: the stolen data, while fortunately not critical, exposes you to high risks of targeted phishing. and identity theft. Hackers can use this information to set up personalized scams, posing as bank advisors or insurers to encourage their victims to reveal sensitive information or make fraudulent transactions. In their sights, vishing, this voice scam that is becoming increasingly widespread in France.
How to protect yourself?
If you are affected, your bank will be required to alert you by email, in accordance with French law. Above all, you will need to be wary in the coming months. Email or phone requests, even if convincing, could be nothing more than a well-rehearsed phishing attempt. If in doubt, it is advisable to contact your bank directly via its official website or app to verify the authenticity of the requested information. Also remember to never share sensitive information with unverified contacts.
This data leak is part of a worrying situation in France, where cyberattacks are on the rise. In 2024, the CNIL received 5,919 notifications of data leaks, an increase of 29% compared to 2023. Companies and individuals will have to be extra vigilant in protecting their personal data.
0 Comments