The French social contributions collection agency, Urssaf, recently announced a major data breach impacting its Pajemploi service, which facilitates the payment of childminders by parents. The cyberattack, disclosed on November 17th, may have compromised the personal information of up to 1.2 million private employers who utilize the platform. Urssaf confirmed that the breach, which occurred on November 14th, led to the potential theft of several categories of personal data, including first and last name, date and place of birth, full address, social security number, bank name, Pajemploi number, and accreditation number. The organization has stressed that critical financial and access information, specifically bank account numbers (IBANs), email addresses, phone numbers, and login passwords, was not compromised in the attack.
In response to the incident, Urssaf stated that it took immediate and necessary measures to identify the cause, resolve the security breach, and significantly strengthen the protection of its information systems. All internal teams were mobilized immediately upon the discovery of the security compromise. The organization has committed to individually contacting every user whose data was potentially stolen to inform them of the situation. Despite the breach of personal data, the core Pajemploi system remains operational and unaffected, meaning there will be no disruption to the standard process of declaring or paying wages to childminders, ensuring continued service functionality for all users.
Following the identification of the security lapse, Urssaf proactively reported the incident to the relevant regulatory and legal bodies. This included informing the French data protection authority, the CNIL, and the national cybersecurity agency, as well as filing a criminal complaint with the public prosecutor. The organization is operating under the assumption that the stolen data is likely to be sold online to malicious actors and used to orchestrate fraudulent activities targeting the affected employers.
This stolen information is a significant resource for scammers who specialize in phishing attacks. Fraudsters are now expected to pose as legitimate officials, potentially even claiming to be Urssaf workers, using the personal details gained from the data breach to lend credibility to their deceitful attempts. Phishing scams commonly utilize high-pressure, forceful tactics, often instructing victims that they must perform certain actions immediately or face severe financial or legal penalties.
Given the heightened risk, Urssaf has issued a strong recommendation that all users exercise increased vigilance against any suspicious emails, text messages, or phone calls that claim to be from the organization or other officials. The organization has provided specific contact methods for users with questions or concerns regarding the breach, asking them to reach out via the dedicated email address, pajemploi.donnees.personnelles@urssaf.fr, or by calling the dedicated telephone number, 0809 541 896, for support and clarification.