Urssaf users are advised to be particularly vigilant about their bank accounts. More than 10,000 people are affected by a leak of confidential data, which was mistakenly shared with other users on the weekend of May 1. According to Urssaf, the information of self-employed workers (craftsmen, traders and liberal professions) “who made their tax return before April 27 was posted on the online account” of other self-employed workers, following a “computer incident”.
When it realized its mistake, Urssaf removed the disputed files from online spaces, but it estimates that the information of 10,640 people may have been viewed by third parties. It indicates that it has warned the persons concerned, and provides the telephone number 36 98 “for any further information”.
Urssaf alerted by an interior decorator
Vincent Remlinger, an Alsatian interior decorator who had sounded the alarm very quickly in Rue 89 Strasbourg, indicated that he had had access to information from 115 professionals in the region, contained in a PDF file of more than 450 pages shared by Urssaf on May 1. “I was amazed that the document contained personal and sensitive information” such as “their income for the past year, their schedule of social security contributions for 2023, their bank details, their secret identifiers to access Urssaf…”, has he told AFP.
He immediately contacted Urssaf via its online messaging system and also directly notified around twenty Alsatian lawyers appearing in the file. “I contacted them one by one, telling myself that they were the closest to the law and the best able to help me react,” he said. These professionals “have all received bundles of fairly comparable documents, with information on their colleagues, their competitors”, he added.
“I suspended the direct debit authorization from my bank account and changed my access codes to Urssaf (…). I demand an independent investigation so that this cannot happen again in the future,” he said. Of the 7,400 people who received information by mistake, 1,650 consulted their online space with information about other people, said Urssaf. Autoentrepreneurs are not affected by the incident.