Pôle emploi, French governmental agency that registers unemployed people, helps them find jobs, and provides them with financial aid on Wednesday informed that it is a victim of a cyberattack after one of its service providers was targeted, involving a risk of disclosure of personal data belonging to 10 million job seekers.
The incident came to light at the end of last week. Investigations are underway at the service provider to find out the reason behind the attack. Pôle emploi said that it has also notified the CNIL (National Commission for Computing and Liberties) about the incident, and it will soon be filing a complaint with the judicial authorities.
For those unaware, Pôle emploi is a French governmental agency that registers unemployed people, helps them find jobs, and provides them with financial aid.
“Pôle emploi became aware of the violation of the information system of one of its providers involving a risk of disclosure of personal data of job seekers,” reads the press release (translated into English).
According to Pôle emploi, job seekers registered in February 2022 and former users of the employment agency are potentially affected by this theft of personal data.
While it did not specify the number of affected individuals, an estimated 10 million people are believed to be impacted, as per a report from the French publication Le Parisien.
When Le Parisien contacted Pôle emploi to find out the service provider targeted in the cyberattack, they were informed by their management that the company was Majorel, which is responsible for the digitization and processing of all documents submitted by job seekers.
The cybercrime incident is believed to have exposed the first name, surname, and NIR (Social Security number) of job seekers. However, no other sensitive information such as email addresses, telephone numbers, passwords, and bank details have been leaked in the attack.
Although the exposed data has minimal use in carrying out cybercrime attacks, Pôle emploi advises job seekers to remain vigilant of any incoming communications that could appear fraudulent.
Further, the agency also clarified that its financial aid programs, as well as the online employment portal at “pole-employment.fr” have not been impacted by the cyberattack.
“Pôle emploi is making every effort to limit its effects and will individually inform all those concerned, while the service provider is reinforcing the existing security measures. Support for job seekers will also be available via the 39 49 telephone platform to assist those who have questions related to the subject,” added the press release.
Pôle emploi says that all its teams and service providers are engaged in securing the data of job seekers and companies.
It will continue to strengthen its protection systems, procedures, and instructions with regard to such type of events to avoid them from happening again in the future.