Three people aged 19 to 21 were arrested on Sunday March 17 as part of the investigation into a theft of data targeting France Travail, the Paris prosecutor’s office announced on Tuesday. They were presented to an investigating judge during the day with a view to indictment, the specialized J3 section of the prosecution requesting their placement in pre-trial detention.
The investigation, entrusted to the brigade for the fight against cybercrime (BL2C) within the Paris police headquarters, established that between February 6 and March 5, accounts “Cap Emploi agent, authorized to access the resources present on the France Travail information system, had been used to download data on the job seeker database”announces the prosecution in a press release.
The suspects arrested on Sunday had “for some of them a fraudulent activity using technology” phishing, which involves sending booby-trapped links to steal personal credentials. The judicial investigation was opened on charges of “fraudulent access and maintenance in an automated data processing system”, extraction of this data, fraud and money laundering, all by an organized gang.
The investigation continues
However, uncertainty remains around the real extent of the stolen data. On March 13, France Travail explained that the data exposed by this leak potentially concerned 43 million people, i.e. “ people currently registered, people previously registered over the last twenty years as well as people not registered on the list of job seekers but having a candidate space on francetravail.fr”.
The information affected by this data breach was the “last name, first name, date of birth, Social Security number, France Travail identifier, email and postal addresses and telephone number”. An investigation has also been opened by the National Commission for Information Technology and Liberties in order to determine whether appropriate security measures had been implemented by France Travail.
We also do not know whether the perpetrators of the attack have already had time to resell them or distribute them on specific platforms, where they can then be exploited to carry out mail and SMS campaigns. malicious. The BL2C investigation continues with “the objective of searching for possible other actors and assessing the share of responsibility of each”concluded the Paris prosecutor’s office on Tuesday.