cyber Breach

Ile-De-France Mobilités

Oct 15, 2023 1 min read
Ile-De-France Mobilités

Île-de-France Mobilités files a complaint for attempted unauthorised access to Connect accounts from Île-de-France Mobilités.

An effort to hack the Île-de-France Mobilités Connect service proved successful.

The hacker utilised the approximately 4,000 active email addresses and passwords he fraudulently obtained from the internet to access the accounts.

Île-de-France Mobilités swiftly reacted by requesting Worldline to take the required technological steps to thwart this attempt and, if necessary, to take any further actions to bolster security.

Île-de-France Mobilités has informed the National Commission for Information Technology and Liberties (Cnil) of the data breach and is keeping it updated on the situation in compliance with its obligations for the protection of personal data.

Source: https://www.google.com/url?q=https://presse.iledefrance-mobilites.fr/ile-de-france-mobilites-porte-plainte-pour-tentative-dacces-frauduleux-sur-des-comptes-ile-de-france-mobilites-connect/&sa=D&source=editors&ust=1697405239648285&usg=AOvVaw1X5NKgd1e_iVozTIOe2TEn

TPRM report: https://scoringcyber.rankiteo.com/company/idfmobilites

"id": "ile157161023",
"linkid": "idfmobilites",
"type": "Breach",
"date": "10/2023",
"severity": "50",
"impact": "2",
"explanation": "Attack limited on finance or reputation"
{'affected_entities': [{'industry': 'Transportation',
                        'location': 'Île-de-France, France',
                        'name': 'Île-de-France Mobilités',
                        'type': 'Government Organization'}],
 'attack_vector': 'Credential Stuffing',
 'data_breach': {'number_of_records_exposed': 4000,
                 'type_of_data_compromised': ['Email Addresses', 'Passwords']},
 'description': 'An effort to hack the Île-de-France Mobilités Connect service '
                'proved successful. The hacker utilised the approximately '
                '4,000 active email addresses and passwords he fraudulently '
                'obtained from the internet to access the accounts.',
 'impact': {'data_compromised': ['Email Addresses', 'Passwords']},
 'initial_access_broker': {'entry_point': 'Credential Stuffing'},
 'post_incident_analysis': {'root_causes': 'Weak or Stolen Credentials'},
 'regulatory_compliance': {'regulatory_notifications': ['National Commission '
                                                        'for Information '
                                                        'Technology and '
                                                        'Liberties (Cnil)']},
 'response': {'communication_strategy': 'Informed the National Commission for '
                                        'Information Technology and Liberties '
                                        '(Cnil)',
              'containment_measures': 'Technological steps to thwart the '
                                      'attempt',
              'remediation_measures': ['Further actions to bolster security'],
              'third_party_assistance': ['Worldline']},
 'title': 'Île-de-France Mobilités Data Breach',
 'type': 'Data Breach',
 'vulnerability_exploited': 'Weak or Stolen Credentials'}
Published by
Roshni Ray
Roshni Ray
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.