French authorities have confirmed they were the victim of a cyberattack which took place on August 10, 2021. The Ministry of the Interior reported that the attack was quickly neutralised, but that it jeopardised the personal data of visa applicants, including email addresses and basic identity information.
A statement on the Ministry of the Interior’s website said that the organisation and the Ministry for Europe and Foreign Affairs immediately took the necessary measures to secure the platform and prevent such events from happening again. The National Commission for Informatics and Liberties (CNIL) was informed of the facts noted. The government has also filed a complaint and a judicial investigation is underway.
Trevor J. Morgan, Product Manager at comforte AG, said: “News from French authorities that a cyberattack led to the theft of personal information of over 9,000 people applying for a French visa is ironic but not surprising. We all have to realise that not only are enterprises being targeted, but also governmental organisations and their third-party partners and vendors who collect and process highly sensitive PII. Nobody and no organisation is safe, especially if the defensive strategy is to rely on traditional perimeter-based security models which isolate sensitive data but only protect the borders. Data-centric security, which protects the data itself, is a much better and safer option that can augment more traditional protection methods, because it focuses on protecting data elements themselves using techniques such as tokenisation or format-preserving encryption. In these methods, innocuous representational data replaces sensitive data elements, so the actual information is incomprehensible and ultimately free from being leveraged by threat actors for their own gain. This incident purportedly isn’t far-reaching and doesn’t involve highly sensitive information. However, the next one might, either for this victim or even your own organisation. Head off potentially catastrophic repercussions by augmenting your defensive posture with data-centric security. It’s a passport for your journey to a more secure data environment!”Click below to share this article