CyberHappenings logo
Home Browse Watchlists Experimental About

Track cybersecurity events as they unfold. Sourced timelines. Filter, sort, and browse. Fast, privacy‑respecting. No invasive ads, no tracking.

French Government Agencies Experience Multiple Data Breaches Affecting 1.2 Million Individuals

First reported
Last updated
1 unique sources, 2 articles

Summary

Hide ▲

Pajemploi, a French social security service for parents and home-based childcare providers, reported a data breach on November 14, 2025, potentially exposing personal information of 1.2 million individuals. The breach affected registered professional caregivers working for private employers. The stolen data includes full names, places of birth, postal addresses, social security numbers, banking institution names, Pajemploi numbers, and accreditation numbers. The agency assured that bank account numbers, email addresses, phone numbers, and account passwords were not compromised. Pajemploi took immediate action to stop the attack and notified the French Data Protection Authority (CNIL) and the National Agency for the Security of Information Systems (ANSSI). In late January 2026, a cybersecurity incident impacted data associated with 1.2 million user accounts at the national bank account registry (FICOBA). Hackers gained access using stolen credentials from a civil servant, exfiltrating sensitive information including bank account details, account holder identity, physical address, and taxpayer identification number. The Ministry took immediate action to restrict access and is working to restore the system with enhanced security. Affected users will be notified individually, and banking institutions have been informed to raise awareness among customers. Numerous scam attempts are circulating, and users are advised to be vigilant.

Timeline

  1. 20.02.2026 18:20 1 articles · 23h ago

    FICOBA Breach in Late January 2026 Exposes 1.2 Million Accounts

    In late January 2026, a cybersecurity incident impacted data associated with 1.2 million user accounts at the national bank account registry (FICOBA). Hackers gained access using stolen credentials from a civil servant, exfiltrating sensitive information including bank account details, account holder identity, physical address, and taxpayer identification number. The Ministry took immediate action to restrict access and is working to restore the system with enhanced security. Affected users will be notified individually, and banking institutions have been informed to raise awareness among customers. Numerous scam attempts are circulating, and users are advised to be vigilant.

    Show sources
    Open in new tab
  2. 18.11.2025 18:59 2 articles · 3mo ago

    Pajemploi Data Breach Affects 1.2 Million Individuals

    On November 14, 2025, Pajemploi detected a data breach potentially exposing personal information of 1.2 million individuals. The stolen data includes full names, places of birth, postal addresses, social security numbers, banking institution names, Pajemploi numbers, and accreditation numbers. The agency took immediate action to stop the attack and notified CNIL and ANSSI. Each affected individual will be notified, and URSSAF advises caution due to the elevated risk of fraudulent communications using the stolen information.

    Show sources
    Open in new tab

Information Snippets

Similar Happenings

Betterment Data Breach Exposes 1.4 Million Accounts

A data breach at Betterment, a fintech firm managing $65 billion in assets, exposed personal information of 1.4 million accounts. The breach, occurring in January 2026, involved stolen email addresses, names, geographic data, dates of birth, physical addresses, phone numbers, device information, and employment details. The attackers also sent fraudulent emails attempting to lure customers into a cryptocurrency scam. Betterment confirmed no customer accounts or login information were compromised, but the breach included significant contact information.

Open in new tab

France Travail Fined €5 Million for Data Breach Exposing 43 Million Records

The French data protection authority (CNIL) fined France Travail €5 million for failing to secure job seekers' data, leading to a breach that exposed personal information of 43 million individuals. The breach, which occurred in March 2024, involved social engineering techniques to hijack accounts of CAP EMPLOI advisers. The stolen data included names, dates of birth, national insurance numbers, and contact details, but did not include bank details or complete job-seeker files. CNIL ordered France Travail to implement corrective measures and provide a detailed schedule for compliance, with daily penalties of €5,000 for non-compliance. Three individuals were arrested in connection with the breach, aged 21, 22, and 23.

Open in new tab

Cyberattack on French Interior Ministry Email Servers

The French Interior Ministry confirmed a cyberattack on its email servers, detected between December 11 and 12, 2025. The breach allowed unauthorized access to document files, though data exfiltration remains unconfirmed. The ministry has tightened security protocols and launched an investigation to determine the origin and scope of the attack. Possible motives include foreign interference, activism, or cybercrime. On December 17, 2025, a 22-year-old suspect was arrested in connection with the attack. The suspect is accused of unauthorized access to an automated personal data processing system as part of an organized group. Investigations are being conducted by OFAC, France's Office for Combating Cybercrime. A BreachForums admin claimed responsibility for the attack, alleging it was in revenge for the arrests of forum moderators and admins. The forum post claims that data on 16,444,373 people from France's police records was stolen. In April 2025, France attributed a widespread hacking campaign to APT28, a group linked to Russia's GRU, targeting various French entities.

Open in new tab

French Football Federation Data Breach Exposes Amateur Player Information

The French Football Federation (FFF) suffered a data breach on November 20, 2025, exposing personal details of millions of amateur football players. The breach involved unauthorized access to a software platform used by licensed football clubs for administrative tasks. The exposed data includes names, genders, dates of birth, birth locations, nationalities, postal addresses, email addresses, phone numbers, and football license ID numbers. The FFF took immediate steps to secure the platform by deactivating the compromised account and resetting all user account passwords. The federation also notified relevant authorities and warned players to be vigilant against phishing scams. This incident follows a similar breach at the French Shooting Federation three weeks prior.

Open in new tab

Sensitive Data Exposed in Auchan Retailer Cyberattack

A cyberattack on Auchan, a French multinational retail group, exposed sensitive data associated with the loyalty accounts of several hundred thousand customers. The breach, which occurred in November 2024, included full names, titles, postal addresses, email addresses, phone numbers, and loyalty card numbers. The incident did not affect bank data, passwords, or PIN numbers. The company has notified the French Data Protection Authority (CNIL) and is advising customers to be vigilant against potential phishing attacks. The breach occurred amidst a series of similar incidents affecting large French entities, though no direct links have been established. This is the second data breach Auchan has disclosed over the past year.

Open in new tab