According to information from Journal du Net, the hacker group KromSec has published personal information belonging to more than 1,100 employees of the Ministry of Justice. The institution has filed a complaint for concealment of information, but it denies on the other hand any cyber-intrusion in its infrastructures.
After the French visa application platform, it is the turn of the Ministry of Justice to be targeted by hackers. Indeed and according to information shared by our colleagues from the Journal du Net, the group of hacktivists KromSec just published this Monday, July 3, 2023 on a Telegram channel the personal data of thousands of employees of the institution.
We find in this list information from 1,120 magistrates and ministry employees. According to KromSec, this campaign was carried out in response to the riots that have shaken France since the death of young Nahel during a police check. “The sequence of events in France will determine whether or not we publish the data”, they had warned in a Twitter post the day before.
The information of a thousand magistrates can be found on the web
The compromising document is now online and contains in particular names with professional emails, telephone numbers, postal addresses, but also IBANs. The coordinates of several judges still in activity are therefore in nature. It includes in particular the data of a former magistrate member of the Court of Appeal of Versailles, a judge of the Tribunal de Grande Instance of Paris or even a magistrate of the TGI of Nanterre.
According to KromSec, this information was extracted by exploiting a flaw in Drupal, a software used in the management of websites. For its part, the Ministry of Justice ensures not having detected any intrusion into its systems. In addition, the institution specifies that the recovered data dates back several years. Because, several names cited are former magistrates now retired. Furthermore, the shared document does not belong to the ministry.
Despite everything, the Chancellery has decided to file a complaint with the Paris Public Prosecutor’s Office for “receiving information”. As a reminder, the Ministry of Justice was the victim of a ransomware attack in January 2022. In 2016, a DDOS attack had paralyzed the official website of the ministry for several hours.
Source: JDN