This is not an email that is pleasant to receive. On Wednesday December 6, thousands of French men and women were informed that personal information concerning them had been stolen from the SNU website.
This is a new controversy that the Universal National Service (SNU) will have to face. The program, which the government wants to make mandatory in the coming years, was the target of malicious hackers who stole a lot of personal information on its participants, as well as their parents.
62,500 young people, 87,000 parents
According to Actu.fr, which managed to get its hands on the email mentioning the problem, 62,500 young people’s accounts are affected by this hacking and 87,000 parents’ accounts. In total, almost 150,000 people saw their data stolen, whether old or new volunteers. And the information obtained is not the least.
For young people, this is their first and last name, email and postal addresses and their dates of birth. Concerning the parents, the same, just minus the date of birth. “ However, the usernames and passwords were not stolen », confirmed the Ministry of National Education (which has the SNU under supervision) to Actu.fr.
In the email sent to the victims, the SNU explains having filed a complaint and putting “ every effort is made to limit the dissemination of this data, with the help of the authorities “. No department was particularly targeted by the hacking which took place “ indiscriminately », Explains the ministry, which also warned the CNIL.
Beware of phishing attempts
No information has been disclosed by National Education on the hacking operation itself. It is impossible to know whether this is an internal error or a circumvention of the security systems in place. Both raise their share of questions about the data security policy put in place by the SNU.
In any case, after a leak of this magnitude, the best thing to do is to remain very vigilant against possible phishing attempts that could take place. The more personal information a hacker has available, the more likely a spoofed email is to be convincing. A detail that it would have been fashionable to recall in the email reporting the hack, given the hackers’ appetite for student email addresses. So be careful in the coming days if you receive suspicious letters inviting you to provide personal data under a suspicious pretext.
Source: Actu.fr
1