A collective of hackers has launched into hacking CAF accounts. The CAF confirmed to us on February 13 that four family allowance recipients suffered a data breach. The accounts of the four people in question were posted by hacktivists from the LulzSec group on X (formerly Twitter) and Telegram.
By email, the Family Allowance fund tells us:
Advertisement
“ As a precaution, the site caf.fr was closed for several hours last night. At this time, no security breach has been detected on the site, no intrusion has occurred in the system. The site is therefore reopened »
“ The 4 accounts subject to the screenshots have been identified, the data breach has been proven. Access to these 4 accounts was done without forcing the site's system, by providing passwords probably obtained elsewhere by the authors. This confirms that the Caf.fr site has not experienced a security breach.
For these 4 recipients, the hackers were able to access their contact details and the last amount of benefits paid. But no access to bank details (RIB) is possible.e “.
Cybersecurity rules to follow to avoid hacking
LulzSec hackers claim to have compromised 600,000 CAF accounts. The organization responds that “ on the allegations of 600,000 benefit accounts supposedly “hacked”, investigations are underway. At this time, these data breaches concerning 600,000 benefiting accounts are not certified “.
Advertisement
The people targeted by the hackers have been contacted. A complaint was filed and a report to the CNIL was made.
CAF reminds that in case of doubt, “theBeneficiaries can change their password and get advice on the site Assistance to victims of cybercrime “.
Change the password of your Caf account
The modus operandi to compromise the accounts is not known. Hackers were able to gain access by phishing targets or using a data leak to log into their profile.
To change your password, CAF has put the procedure online since this link.
These account hacks come after a cyberattack against two third-party payment operators, Viamedis and Almerys, which allowed hackers to recover the data of 33 million citizens.