Data belonging to over 152,000 employees has been exposed in a cyber attack on Simplicia, a French Cloud-based electronic transaction management tools provider. The breach came to light when a dark web user, operating under the username ‘Nationalist,’ claimed to possess this extensive dataset.
While ‘Nationalist’ did not claim responsibility for the Simplicia cyber attack, they asserted ownership of data stolen during a security incident at the company in September 2023. Simplicia, founded in September 2018, specializes in IT solutions to streamline data processes, allowing clients to focus on data analysis rather than retrieval.
Although Simplicia’s website was accessible when the cyber attack claims surfaced, inquiries have been sent to the company officials for their comments and to verify the data leak. ‘Nationalist’ made this revelation on September 3 and even provided a headline on the dark web – “Simplicia.co Database, Leaked – Download!”
The user suggested that the hacking occurred in September, raising the possibility that they acquired or purchased the stolen data from another hacker who may have failed to obtain a ransom from Simplicia.
The exposed dataset contains sensitive employee information, including names, client IDs, leave records, reimbursement amounts, and refund dates. Additionally, it included national identification numbers (NIR) and insurance code data. The incident underscores the seriousness of data breaches and their potential consequences for individuals.
It also sheds light on the prevalence of data trading on the dark web and the importance of strong, unique passwords and proactive measures to safeguard personal information in an era of widespread cyber threats. Users are encouraged to monitor their data’s presence on the dark web using resources like Cyble’s AMIBREACHED dark web search portal.