A French travel agency fell victim to a ransomware attack on the night of May 15 to 16. At the time, the agency gave reassuring news, claiming that “so far, no customer or payment data has been stolen”. Only a few days after the incident, and after refusing to pay a ransom, the hackers carried out their threat by making the collected data public.
A major leak
Around 8,000 French passports were made available on the darknet following a cyberattack on a travel agency in mid-May by a group of hackers.
The criminals broke into their computer system and managed to get their hands on thousands of customer passports. In a press release, the French company explains that these passports are photocopies collected on a voluntary basis, with the aim of facilitating travel arrangements. This leak affects around 2% of customers.
Passports are not the only personal data stolen by hackers, as they are accompanied by the telephone numbers and e-mail addresses of their holders. The group also claims to hold “many confidential documents” from the agency, such as commercial contracts with suppliers.
A consequent risk of identity theft and fraud
The real victims are undoubtedly the thousands of customers who have had their identity cards and personal information stolen. The main risk is identity theft, particularly online. Some online services, for example, require simple verification of identity by means of a copy of one’s identity document.
Solutions do exist to secure this verification and prevent usurpation, such as Facematch, i.e. facial recognition. Identity verification takes place in two stages, with the user sending his or her ID and then taking a selfie to prove that he or she is the rightful owner.
