“We are not happy”: Urssaf confirms a colossal hack which affects more than a million people

The Pajemploi service, which allows parent employers to declare and pay their childminders and childminders at home, suffered a computer attack the scale of which is becoming clearer. Urssaf published a press release on Monday detailing the incident that occurred last Friday, described as an act of cybermaliciousness.

Pajemploi: 1.2 million people exposed after massive data theft

The stolen information only concerns employees, mainly approved childminders and childminders. According to Urssaf, the hackers were able to extract particularly sensitive data: surnames, first names, dates and places of birth, postal addresses, Social Security numbers, names of banking establishments as well as Pajemploi and approval numbers.

The organization nevertheless wants to be reassuring on certain aspects. Bank account numbers, email addresses, telephone numbers and login passwords would not have been compromised.

The operation of the service remains operational and declarations and payments are not disrupted. The CNIL and the National Information Systems Security Agency were immediately alerted. A criminal complaint will be filed soon.

Each affected person will receive an individual notification. Urssaf calls for increased caution in the face of fraud attempts that could exploit this stolen data, particularly via false emails, SMS (smishing) or telephone calls pretending to be the organization. A dedicated line has been opened to answer questions.

This attack is part of a series of violations affecting French public services. At the end of October, France Travail had already been the victim of data theft concerning 30,000 job seekers.