Massive theft. The Pajemploi service, which is used to declare and pay home nannies and nannies, fell victim to data theft on November 14, which “could affect up to 1.2 million employees of private companies”, Urssaf warned Monday.
“Personal data that can potentially be extracted are surname, first name, date and place of birth, postal address, Social Security number, name of banking institution, Pajemploi number and approval number,” explained Urssaf in a press release.
However, these employees’ bank account numbers, email addresses, telephone numbers, connection passwords are not affected, the institution explained.
There were no attacks on other Urssaf services
The press release underlines that this measure, limited to the Pajemploi service and not affecting other Urssaf services, has “no impact” on the operation of these services and “does not call into question the processing of declarations and salary payments”.
This data leak has been notified to the National Commission for Information Technology and Freedom (Cnil) and the Information Systems Security Agency (ANSSI), said Urssaf. Criminal charges must also be filed with the public prosecutor.
Urssaf “expressed its apologies for this breach of data confidentiality” and assured that it was doing everything possible “to strengthen its systems and permanently guarantee the security of the data entrusted to it.”
Urssaf also recommends that everyone “increase awareness regarding the risks of fraudulent emails, texts or calls.”
