Morocco's National Social Security Fund Faces Major Data Breach

TL;DR

The National Social Security Fund of Morocco (CNSS) has suffered a significant data breach, compromising the sensitive information of nearly 2 million citizens. The breach, claimed by the threat actor ‘Jabaroot’, highlights the growing cybersecurity risks in the MENA region.

Major Data Breach at Morocco’s National Social Security Fund

Overview of the Breach

Resecurity has identified a threat actor, known as ‘Jabaroot’, who targeted government systems in Morocco to exfiltrate large volumes of sensitive citizen data. The actor claimed to have compromised the National Social Security Fund of Morocco (CNSS), potentially affecting millions of digital identities. The scale of this breach has drawn significant attention from the cybersecurity community and privacy experts in the region, marking it as one of the largest cyber attacks in Morocco to date¹.

About the National Social Security Fund (CNSS)

The Morocco National Social Security Fund (CNSS), or Caisse Nationale de Sécurité Sociale, is a vital public institution responsible for managing the compulsory social security plan for salaried employees in Morocco’s private sector. Established in 1961, the CNSS covers healthcare, disability, and retirement benefits, similar to organizations in the US and EU. The fund stores a substantial amount of digital identity information, making it a prime target for cyber attacks².

Key Responsibilities of CNSS:

• Healthcare: Provides access to hospitalization, medical services, and other treatments for insured individuals and their dependents.
• Pension: Manages the pension system, ensuring retirement benefits for eligible individuals.
• Unemployment: Administers unemployment benefits, providing financial support to eligible individuals who lose their jobs.
• Other Benefits: Includes maternity benefits, invalidity allowances, family allowances, death grants, and survivor’s pensions.

Scope of the Data Breach

The threat actor leaked CSV and PDF files containing personal information of 1,996,026 employees from various enterprises operating in Morocco. With the CNSS managing data for over 400,000 reporting companies and more than 3.9 million employees, this breach is considered large-scale. The leaked data includes:

• Salary information
• Personally identifiable information (PII)
• Enterprise-related data

Impact on Citizens

The breach has resulted in the disclosure of citizens’ passport information, email addresses, salary details, and banking information. This data can be exploited by fraudsters for online banking theft via social engineering, making it challenging for victims to protect themselves. Replacing compromised documents is often impractical or technically infeasible³.

Cybersecurity Concerns in the MENA Region

Resecurity has warned of an increase in cyber-attacks targeting digital identities in the Middle East and North Africa (MENA) region. This incident underscores the urgent need for enhanced cybersecurity measures to protect sensitive data⁴.

Follow for More Updates

For the latest updates on cybersecurity news, follow:

• Twitter
• Facebook
• Mastodon

For more details, visit the full article: source

Conclusion

The data breach at Morocco’s National Social Security Fund highlights the critical need for robust cybersecurity measures. As cyber-attacks become more frequent and sophisticated, protecting digital identities and sensitive information is paramount. The incident serves as a wake-up call for organizations and governments to bolster their defenses against such threats.

References

1. Resecurity (2025). “Cybercriminals attacked National Social Security Fund of Morocco – millions of digital identities at risk of data breach”. Resecurity. Retrieved 2025-04-09. ↩︎

2. National Social Security Fund of Morocco (CNSS) (2025). “About CNSS”. CNSS. Retrieved 2025-04-09. ↩︎

3. Resecurity (2025). “Increase in cyber-attacks targeting digital identities in MENA region”. Resecurity. Retrieved 2025-04-09. ↩︎

4. Security Affairs (2025). “National Social Security Fund of Morocco suffers data breach”. Security Affairs. Retrieved 2025-04-09. ↩︎