This service is used to declare and pay nannies and nannies at home. Pajemploi became a victim of data theft on November 14 “could affect up to 1.2 million employees of private companies”Urssaf reported on Monday, November 17.
This action “cybercrime” allows to recover in particular surnames, first names, date and place of birth, postal addresses, Social Security numbers and names of banking companies, but not bank account numbers, email addresses, telephone numbers or connection passwords, underlines Urssaf in a press release.
However, these employees’ bank account numbers, email addresses, telephone numbers and connection passwords were not affected, the institution explained.
Call for vigilance
The press release emphasized that this action, limited to the Pajemploi service and not affecting other Urssaf services, does not “no impact” about the operation of this service and “does not question the processing of declarations and salary payments”.
This data leak has been notified to the National Commission on Information Technology and Freedom (CNIL) and the National Agency for Information Systems Security (ANSSI), Urssaf reported. Criminal charges must also be filed with the public prosecutor.
Ursaf “apologize for this breach of data confidentiality” and ensure that everything is complete “to strengthen its systems and permanently guarantee the security of the data entrusted to it”. Urssaf also recommends to everyone “to increase awareness in dealing with the risk of email fraud, (from) SMS or (from) calls”.
