Cyber Incident Victim: Ministère du Travail et de l'Emploi
Date:
Oct 2024
Location:
France
Summary
A cyberattack targeted a service provider utilized by the French Ministry of Labour and Employment, compromising personal data of young individuals supported by Local Missions across the country. Exposed information included names, birthdates, contact details, and nationalities, though financial data, social security numbers, and identity documents remained unaffected. The ministry confirmed its internal systems were not breached but initiated judicial complaints, notified affected parties and data protection authorities, and launched investigations to determine the attack's origin. Security enhancements for the provider's systems are planned in response to the incident.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On the night of October 23-24, 2024, a cyberattack targeted a service provider utilized by France’s Ministry of Labour and Employment (Ministère du Travail et de l’Emploi), specifically affecting systems supporting the Missions locales network. The Missions locales provide guidance and support services to young people across France. The ministry confirmed the incident publicly on October 24, characterizing it as an act of cyber-malveillance. While the ministry asserted that the core information systems of the Missions locales themselves remained secure, the breach compromised personal data belonging to young individuals receiving support from the network. The exposed data included full names, dates of birth, nationalities, postal addresses, email addresses, and telephone numbers. Sensitive information such as bank account details (IBAN), social security numbers, and identity documents were not stored in the affected systems and therefore remained unaffected. The geographical scope of the impact spanned the entire French territory, given the nationwide operations of the Missions locales.
In response, the Ministry of Labour filed a formal complaint with judicial authorities and launched investigations to determine the origin and full extent of the attack. The ministry coordinated with the National Union of Missions Locales (Union nationale des Missions locales) to notify affected individuals about the potential exposure of their data. Regulatory notification was also made to the National Commission for Information Technology and Civil Liberties (CNIL) in compliance with data protection obligations. While specific technical details about the attack vector or perpetrator were not disclosed, the ministry announced plans to implement additional security measures to strengthen the provider’s information systems. No operational disruptions to Missions locales services were reported, as the breach was confined to the third-party provider’s infrastructure. The incident underscored broader cybersecurity challenges facing public sector contractors, occurring shortly after a separate attack targeting telecommunications operator Free.