Cyber: Data Breach At French Bank Registry Impacts 1.2 Million Accounts

The French Ministry of Finance has disclosed a cybersecurity incident that impacted data associated with 1.2 million user accounts.

The investigation discovered that hackers gained access to the national bank account registry (FICOBA) and stole a database containing sensitive information.

The Ministry's announcement notes that in late January, a threat actor used credentials stolen from a civil servant with access to the interministerial information sharing platform.

The credentials gave the hacker access to part of a database that contained all bank accounts opened in French banking institutions and personal data:

The Ministry states that it took immediate action to restrict the threat actor’s access to its systems immediately after detecting the incident. However, it is believed that data of about 1.2 million accounts were already exposed to potential exfiltration.

FICOBA is a centralized state-managed registry of bank accounts in France, operated by the French tax authority, the Direction générale des Finances publiques (DGFiP).

It operates as a database that records the existence and identifiers of accounts, with data provided by French banking institutions in accordance with tax enforcement law requirements.

The cyberattack has disrupted the system's operations, and work is underway to restore it with enhanced security. However, there is no estimation of when FICOBA will be back online.

The Ministry also stated that users affected by the incident will be notified individually over the next few days.

Banking institutions in the country have been informed accordingly, and they are expected to take action to raise awareness among their customers of the need for increased vigilance.

Source: BleepingComputer