After the fear around bedbugs in transport, it’s time for hackers. The regional transport authority Ile-de-France Mobilités (IDFM) announced on Friday that it had filed a complaint after the hacking of “4,000 active email addresses and passwords” used “to connect to user accounts”.
IDFM “filed a complaint with the public prosecutor for fraudulent data collection,” according to a press release. The complaint was filed this Friday, the regional authority told AFP in the evening. “The attacker fraudulently collected around 4,000 email addresses and active passwords on the Web, which he used to connect to the accounts” of Ile-de-France Mobilités Connect, indicates IDFM.
Ile-de-France Mobilités “reacted immediately by asking Worldline [spécialiste de la sécurisation des paiements, NDLR] to take the necessary technical measures to put an end to this attempt and, if necessary, to take any additional measures to strengthen security.”
Affected users have been informed
The regional transport authority, which organizes and finances transport for all Ile-de-France residents, in particular via the Navigo pass, told AFP that it “was notified on October 4 of the attack”, which its service provider Worldline had “noted October 2.” It does not specify whether the accounts whose passwords were hacked were then used fraudulently or not.
“In accordance with its obligations regarding the protection of personal data, Île-de-France Mobilités has notified the data breach to the National Commission for Information Technology and Liberties (Cnil) and is keeping it informed of developments in the situation,” indicates IDFM, which says it has informed the users concerned.
In the standard letter sent to the users concerned, they are informed that they will receive an email asking them to reset their password.