France Ministry of Labor and Employment reports data breach at third party provider

 France’s Ministry of Labor and Employment reports a cyberattack targeting a third party service provider for its "Local Missions" network, a program aimed at guiding young people aged 16 to 25 in employment and training opportunities. This program has been active since the 1980s.

The Ministry emphasized that the integrity of the Local Missions network’s core information systems remains uncompromised and that the breach was isolated to the service provider.

The attack exposed personal data of numerous young people registered with the Local Missions including:

• Full names,
• Dates of birth,
• Nationality,
• Email and postal addresses,
• Phone numbers.

The Ministry claims that certain sensitive data, including Social Security numbers, bank details (IBAN), and identity documents, were not affected by the incident.

The exact number of individuals impacted has not been disclosed, but the breadth of the Local Missions program, coupled with the historical data it manages, suggests a significant volume of exposed records.

The Ministry has also escalated the matter to regulatory authorities and filed a formal complaint with judicial authorities in France. The incident has been reported to France's privacy regulator, the Commission Nationale de l’Informatique et des Libertés (CNIL), and the National Cybersecurity Agency of France (ANSSI), which will oversee further investigation and response measures.