Cyber Incident Victim: Caisse Nationale de Sécurité Sociale (CNSS)
Date:
Apr 2025
Location:
Morocco
Summary
CNSS suffered a cyber intrusion that compromised its databases and led to the leak of personal and professional data belonging to nearly two million workers and hundreds of thousands of enterprises. The breach was claimed by the Algerian hacking group Jabaroot DZ, which stated the operation aimed to destabilize and divert attention. The incident highlights ongoing weaknesses in public sector information system governance, protection and auditing despite recent national cybersecurity legislation and cloud‑usage regulations.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 1 technique |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
On April 8, 2025, the computer systems of the Caisse Nationale de Sécurité Sociale (CNSS) were subjected to a cyberattack that targeted its databases. The intrusion was claimed by the Algerian hacker group Jabaroot DZ, which announced responsibility for the operation. The attack resulted in the exfiltration of a substantial volume of private data stored by the institution. Officials confirmed that the breach was discovered on the same day it occurred.
The leaked files contained personal and professional information belonging to nearly two million salaried individuals registered with the CNSS. In addition, data pertaining to hundreds of thousands of companies that contribute to the social security system were also exposed. The compromised information included identifiers, employment histories, and contribution records. The scale of the disclosure raised concerns about the privacy of a significant portion of the Moroccan workforce and its employers.
The article notes that Morocco had previously adopted law n° 05-20 on cyber‑security and, more recently, a decree governing the use of cloud services for public administrations. Despite these legislative measures, the piece highlights that persistent shortcomings remain in the governance, protection, and auditing of governmental information systems. These weaknesses are described as factors that could be exploited by adversaries seeking to destabilize critical services.