The personal data of applicants for a French tourist visa has been stolen in a cyber-attack. Almost 9,000 people are reportedly affected.
Though the hack was quickly neutralised, information such as name, date of birth passport or identity card number, and nationality was taken. Various, but limited, uses of the data could result, the interior ministry said.
The leaked information does not include financial or sensitive data under the General Data Protection Regulation (GDPR), it added.
“Nor does it allow [the hacker] to initiate administrative procedures on behalf of the person whose data were disclosed, whether on the France-Visas portal or any other French institutional site,” it said.
The breach happened on 10 August, but the ministry has only gone public about it in recent days having sent messages and advice to the affected individuals.
The ministry and ministry of Europe and foreign affairs has secured the attacked platform to prevent a repeat incident.
“Those measures ensure that use of France-Visas by nationals of foreign countries wishing to travel to France is carried out under the required security conditions,” the interior ministry said.
A criminal investigation is underway and France’s data protection authority CNIL has been informed.
PrivSec Global is back for another 2 information-packed days, featuring a series of brand new topics and themes.