French public office hit with €5 million CNIL fine after massive data leak
TL;DR
France's data protection authority fined France Travail €5 million for a massive data breach affecting 36.8 million people. The leak exposed sensitive personal data collected over 20 years, with attackers using social engineering rather than technical vulnerabilities.
Tags
Source: digwatch
The data protection authority of France has imposed a €5 million penalty on France Travail after a massive data breach exposed sensitive personal information collected over two decades. A leak which included social security numbers, email addresses, phone numbers and home addresses of an estimated 36.8 million people who had used the public employment service. CNIL said adequate security measures would have made access far more difficult for the attackers. The investigation found that cybercriminals exploited employees through social engineering instead of breaking in through technical vulnerabilities. Full Story