French Bank Data Breach Exposes 1.2 Million Accounts
▼ Summary
– The French Ministry of Finance disclosed a cyberattack where hackers used stolen civil servant credentials to access the national bank account registry (FICOBA).
– The compromised database contained sensitive information for about 1.2 million accounts, including bank details, holder identity, and addresses.
– The system’s operations have been disrupted, and work is underway to restore it with enhanced security, though no timeline for its return is available.
– Affected users will be notified individually, and banks are raising customer awareness due to an increase in related scam attempts via email and SMS.
– The incident has been reported to the French data protection authority (CNIL), and IT teams are collaborating with cybersecurity agencies to strengthen system security.
A significant cybersecurity breach has compromised the personal and financial data of approximately 1.2 million individuals in France. The French Ministry of Finance confirmed the incident, which involved unauthorized access to the national bank account registry, known as FICOBA. This centralized database, managed by the French tax authority, contains sensitive records provided by banking institutions across the country.
Investigators determined that the breach occurred in late January when a threat actor used stolen credentials from a civil servant. These credentials granted access to an interministerial platform, which in turn provided a pathway to a portion of the FICOBA database. The stolen information includes bank account details such as RIBs and IBANs, account holder identities, physical addresses, and in some instances, taxpayer identification numbers. The ministry acted swiftly to block the intruder’s access upon discovery, but officials believe the data had already been exposed and was potentially copied.
The FICOBA system itself has been taken offline due to the attack, disrupting its normal operations. Work is actively underway to restore the registry with improved security protocols, though authorities have not provided a timeline for when it will be fully operational again. The breach highlights the severe risks associated with centralized financial data repositories and the critical need for robust access controls.
Affected individuals will receive direct notifications in the coming days. French banking institutions have been alerted and are expected to advise their customers to exercise heightened vigilance. In the wake of the incident, there has been a noticeable surge in phishing attempts via email and text message, with scammers attempting to capitalize on public concern. Officials strongly emphasize that the tax administration will never request login credentials or bank card numbers through such messages.
The French data protection authority, CNIL, has been formally notified of the breach as required by law. A collaborative effort is now in progress, with the IT teams from the tax authority working alongside the Ministry of Finance and the National Cybersecurity Agency of France (ANSSI). Their primary goals are to reinforce the system’s defenses against future attacks and return the critical registry to a secure, fully functional state.
(Source: Bleeping Computer)
