Today, Wednesday, October 29, 2025, France Travail confirmed to Tech & Co an attack that would have compromised the information of approximately 31,000 job applicants. The agency also told us that the attack was claimed by the cybercriminal group Stormous. A group of Russian origin that had already attacked the National Education computer system last June.
Although France Travail also confirms that cybercriminals claim to have the data of 31,000 job applicants, it cannot “confirm the volume of job applicants affected” or determine “the nature of the data accessed.”
The hackers, for their part, indicate that they have recovered, in addition to usernames and passwords, the name, date of birth, address, telephone number and email. More worryingly, they also claim to have identity documents, bank identity statements, tax notices, social security certificates, as well as elements linked to skills and professional careers (training, employment contracts, skills, etc.). Enough to create accurate and detailed profiles for possible phishing attacks in the future.
France Travail specifies that “internal teams continue their investigations.”
Very limited liability
This need for research is linked to an important point. France Travail is not primarily responsible for this data breach, in the sense that it was not its infrastructure that was attacked, or at least not directly and due to a vulnerability.
The information was stolen thanks to “malware (infostealer-type virus)”, France Travail explains in its response, which was installed on “the personal computers of job applicants”.
Let us remember that this type of tool allows connection data to be recovered without the users’ knowledge, which offers hackers the possibility of “legitimately connecting to the France Travail information system and consulting/extracting the personal data of the job applicant.” Items that can be sold on the dark web.
Without inviting them to change their password, France Travail reminds users of its services and applications to “exercise the greatest vigilance over the strength and confidentiality of their passwords.”
Last July, France Travail announced that it had been the victim of a “malicious act” and deplored that the data of at least 340,000 job applicants had been hacked. In March 2024, the agency was also at the center of a cyberattack; This time, the attackers managed to compromise the accounts of the advisors and thus access the personal data of 43 million people.
Source: BFM TV
