Not 1.2 million, but 120,000.
This is the number of job seekers affected by a personal data leak, according to the initial results of the survey carried out by Pôle Emploi.
Read also: Faced with cyber attacks, the world is entering a zone of turbulence
On June 10, an advertisement for the sale of a database from the pole-emploi.fr site was posted on a specialized forum, for an amount of 1000 dollars, or approximately 840 euros. In the ad, the hacker claimed to have "
the name
", "
age
", "
phone number
", or even "
email address
" of "
1.2 million entries
". An advertisement refuted by Pôle Emploi: “
The first elements available to us suggest that this leak would concern ten times fewer people than envisaged.
An investigation was opened by the organization on Friday, June 11.
The operator clarified that usernames, passwords, social security numbers and payment information are not affected by the data leak, but did not comment on the theft of the rest of the personal data.
Phishing risks
Pôle Emploi contacted the people affected by this leak to advise them to be extra vigilant and avoid any risk of phishing. "
People concerned are advised to remain vigilant in the face of fraudulent job offers and proposals to update their situation by e-mail, SMS or sites external to Pôle Emploi,
" the organization said. Individuals taking advantage of the information they have on the unemployed could indeed carry out fraud attempts by SMS, email or post.
The first results of the investigation also show that it would not be a cyber attack.
"This data leak would be due to human actions and not to a cyber attack, but at this stage, it is not yet possible to determine the origin," explains Pôle Emploi.
The hacker quickly recanted by removing the ad and posting a message on the forum apologizing.
“
In such a difficult period, organizations like Pôle Emploi are of great benefit to our company, and I have decided not to ruin their reputation.
The French unemployed can sleep peacefully, no one is going to steal their identity,
”he said in a message in English.
Read also: Cyber attacks worry political parties ahead of the presidential election
The National Commission for Informatics and Freedoms (Cnil) confirmed that a data breach notification was being investigated regarding this data breach.