France work was targeted by a “Malventy action” Having allowed the fraudulent consultation of personal data of several hundred thousand job seekers, the organization announced to the MondeWednesday July 23, confirming the information of the site Next.
The alert was given on July 12 by the CERT-FR, the watchful watch that monitored security flaws and incidents, overseen by the National Information Systems Systems Agency (ANSSI). The attack would have targeted Kairos, a training request for training requests for job seekers, now unavailable. “The account of a training organization established in Isère has been identified as being at the origin of this abnormal activity. This account was compromised by an “infostealer” ”software designed to steal passwords, explains France work.
Personal data “Of 340,000 job seekers have been consulted and would therefore be likely to be disclosed and exploited in an illegally”specifies the organization. Among the elements concerned, we would find in particular “Names and first names, birth dates, France work identifiers, email and postal addresses and telephone numbers”. Banking data is not concerned, adds France work, which declares that it has reported this violation to the National Commission for Data Protection and have filed a complaint.
Already in 2024, a previous hacking had targeted France work, without anyone knowing how many people had, then, could be victims of a flight of personal data. Three people had been indicted after the investigation by the Cybercrime (BL2C) brigade within the Paris police headquarters.
