Cyber Incident Victim: Ministère de l'Inclusion économique, de la Petite Entreprise, de l'Emploi et des Compétences

On April 1, 2025, the Moroccan Ministry of Economic Inclusion, Small Business, Employment, and Skills (MIEPEEC) publicly confirmed a cyberattack targeting its digital portal. The intrusion was claimed by the Algerian hacking group JabaRoot DZ, though the ministry’s official statement described the incident as having no major operational consequences. According to MIEPEEC, attackers compromised a primarily informational website hosting publicly accessible data, emphasizing that no sensitive databases or personally identifiable information were stored on the affected system. The ministry explicitly stated the portal contained no professional databases or confidential records, minimizing concerns about data exfiltration or privacy breaches. While the exact technical vector of the attack remained undisclosed, the compromise prompted MIEPEEC to issue a public communiqué addressing both the intrusion and unrelated documents circulating online.

The ministry sought to clarify its position regarding fraudulent documents falsely attributed to its departments, asserting these materials fell outside its jurisdictional scope. This disavowal appeared separate from the cyber incident itself but was communicated concurrently to mitigate reputational risks. No service disruptions, financial losses, or secondary attacks were reported in connection with the breach. MIEPEEC’s response focused on public transparency, reiterating the non-critical nature of the compromised asset and the absence of classified or proprietary information within the targeted digital infrastructure. The confirmation of JabaRoot DZ’s involvement provided attribution but did not elaborate on potential motives beyond the group’s stated claims. No additional remediation steps or forensic investigations were detailed in the public release, with the ministry characterizing the event as contained and inconsequential to its core functions.