Critical

France Travail fined €5 million for failing to protect job seeker data

Help Net Security
Actively Exploited

Overview

France's data protection authority, CNIL, has imposed a €5 million fine on the public employment agency France Travail for failing to adequately protect the personal data of job seekers. The breach occurred when attackers utilized social engineering tactics to compromise accounts associated with Cap emploi, a partner organization. As a result, sensitive information from current and former registrants, spanning the last 20 years, was accessed. This incident raises serious concerns about data security practices, especially for organizations handling sensitive personal information. The exposure of such a large volume of data could put many individuals at risk of identity theft or fraud.

Key Takeaways

  • Active Exploitation: This vulnerability is being actively exploited by attackers. Immediate action is recommended.
  • Affected Systems: France Travail job seeker data, including current and former registrants over the past 20 years.
  • Action Required: Implement stronger security protocols and training to prevent social engineering attacks; conduct regular security audits.
  • Timeline: Newly disclosed

Original Article Summary

France data protection authority CNIL has fined public employment agency France Travail €5 million for failing to ensure the security of personal data of job seekers. Attackers gained access to the organization’s systems through social engineering techniques that targeted accounts used by staff at Cap emploi, a partner organization. The investigation found that attackers accessed data linked to current registrants, former registrants from the past 20 years, and individuals with a candidate profile on francetravail.fr. … More → The post France Travail fined €5 million for failing to protect job seeker data appeared first on Help Net Security.

Impact

France Travail job seeker data, including current and former registrants over the past 20 years.

Exploitation Status

This vulnerability is confirmed to be actively exploited by attackers in real-world attacks. Organizations should prioritize patching or implementing workarounds immediately.

Timeline

Newly disclosed

Remediation

Implement stronger security protocols and training to prevent social engineering attacks; conduct regular security audits.

Additional Information

This threat intelligence is aggregated from trusted cybersecurity sources. For the most up-to-date information, technical details, and official vendor guidance, please refer to the original article linked below.

Related Topics: This incident relates to Data Breach.

Related Coverage

Russian hackers use fake CAPTCHA to infect Ukrainian targets

SCM feed for Latest

The Sandworm group, which is associated with Russia's military intelligence agency, the GRU, is targeting Ukrainian organizations using a deceptive approach called ClickFix. This technique involves creating fake CAPTCHA challenges that trick users into downloading malware. By exploiting social engineering tactics, the attackers aim to gain access to sensitive information. This method poses a significant risk to Ukrainian entities, as it can lead to data breaches and further cyber operations. The use of such sophisticated tactics reflects the ongoing cybersecurity threats faced by Ukraine amid its geopolitical tensions with Russia.

Jul 16, 2026

Period tracking app Stardust shares sensitive user data with third parties, report finds

SCM feed for Latest

A recent investigation by Mozilla has found that the period tracking app Stardust is sharing sensitive user data with third-party service RudderStack. This data is linked to a unique identifier rather than personal names, which raises privacy concerns for users. The sharing of such information can potentially expose users to unwanted marketing and other privacy risks. Given the nature of period tracking apps, which often contain sensitive health data, this incident highlights the need for greater transparency and user control over personal information. Users of Stardust may want to reconsider their use of the app or review its privacy settings to protect their data.

Jul 16, 2026

Daxin malware resurfaces with new backdoor targeting Taiwan manufacturer

SCM feed for Latest

The Daxin malware, a kernel-mode rootkit first identified in March 2022, has resurfaced, with researchers discovering it operating on a compromised system belonging to a manufacturer in Taiwan in 2026. This malware is particularly concerning because it can provide attackers with deep access to targeted systems, potentially leading to data theft or further exploitation. The resurgence of Daxin suggests that attackers are still actively using and developing sophisticated tools to breach security measures, particularly in regions like Taiwan, which is significant for its role in global technology supply chains. Companies in the region should enhance their defenses and monitor for any signs of compromise to mitigate the risks associated with this malware. The ongoing evolution of threats like Daxin emphasizes the need for continuous vigilance in cybersecurity practices.

Jul 16, 2026

23andMe agrees to $18 million settlement over data breach

SCM feed for Latest

23andMe has agreed to pay $18 million in a settlement following a data breach that affected approximately 6.9 million customers. This breach occurred between April and September 2023, and was caused by credential-stuffing attacks, where attackers used stolen usernames and passwords to access accounts. The compromised data included sensitive genetic ancestry information, raising significant privacy concerns for users. This incident underscores the risks associated with storing personal genetic data online, as it can be exploited for various malicious purposes. Customers affected by the breach may need to monitor their accounts closely and consider additional security measures to protect their personal information.

Jul 16, 2026

Program to rotate cyber personnel through federal agencies saw little use

CyberScoop

The Government Accountability Office (GAO) reported that the Federal Rotational Cyber Workforce program, designed to rotate cybersecurity professionals among federal agencies, has seen minimal participation. Only a handful of personnel received approval to join the initiative, which aims to enhance collaboration and knowledge sharing across government entities. This low engagement raises concerns about the effectiveness of the program in addressing the growing cybersecurity challenges faced by federal agencies. Without a more robust participation rate, the program may struggle to achieve its intended goals of improving cyber defense capabilities and developing a skilled workforce. The findings suggest a need for better incentives or support to encourage agencies to utilize this resource effectively.

Jul 16, 2026

New OkoBot framework deploys 20 payloads to steal data, crypto

BleepingComputer

A new malware framework named OkoBot has emerged, capable of deploying over 20 different payloads aimed at stealing sensitive data, particularly cryptocurrency wallet seed phrases and user credentials. The framework is designed to infiltrate systems and extract valuable information from users, making it a significant threat to anyone dealing with cryptocurrencies. As cybercriminals increasingly target digital assets, this development raises alarms for individuals and businesses alike. Users are advised to enhance their security measures and remain vigilant against suspicious activities that may indicate an OkoBot attack. The rise of such tools underscores the ongoing risk of data breaches in the cryptocurrency space.

Jul 16, 2026