Data breach at French bank registry impacts 1.2 million accounts
Source: Bleeping Computer
Incident overview
The French Ministry of Finance disclosed a cybersecurity incident that impacted data associated with 1.2 million user accounts. Hackers gained access to the national bank account registry (FICOBA) and stole a database containing sensitive information.
The Ministry’s announcement notes that in late January a threat actor used credentials stolen from a civil servant with access to the inter‑ministerial information‑sharing platform.
Data that was compromised
The compromised database contained:
- Bank account details, including RIBs/IBANs
- Account holder identity
- Physical address
- Taxpayer identification number (in some cases)
Response and mitigation
- The Ministry acted immediately to restrict the threat actor’s access after detecting the incident.
- It is believed that data of about 1.2 million accounts had already been exposed to potential exfiltration.
- Affected users will be notified individually over the next few days.
- Banking institutions have been informed and are expected to raise awareness among their customers.
The Ministry warned that numerous scam attempts are circulating via email and SMS, aiming to steal data or money directly from recipients.
“The tax administration never asks for your login credentials or bank card number via message,” the French ministry cautioned.
Authorities involved
- FICOBA – a centralized, state‑managed registry of bank accounts in France, operated by the French tax authority (Direction générale des Finances publiques, DGFiP).
- CNIL – the French data protection authority, which has been informed about the incident.
- ANSSI – the National Cybersecurity Agency of France, working with DGFiP’s IT team and the Ministry of Finance to strengthen system security and restore full operational status.
No estimate has been provided for when FICOBA will be back online.