Casablanca – French authorities have identified unauthorized malicious actor has infiltrated the national registry of bank accounts, known as FICOBA, following an internal investigation by the Directorate General of Public Finances.
The breach began in late January and was instigated when a civil servant authorized to access the database as part of inter-ministerial information exchanges misused their login credentials.
According to the administration, the individual behind the intrusion impersonated an official and was able to access part of the file, which centralizes information on all bank accounts opened at financial institutions across France.
FICOBA contains sensitive personal data, including bank account details such as IBAN numbers, the identity of account holders, their addresses, and, in some cases, their tax identification numbers. Authorities estimate that approximately 1.2 million accounts may have been affected by the unauthorized access.
The incident was detected by the tax administration’s internal monitoring systems. Once confirmed, immediate measures were implemented to restrict access and prevent further consultation of the database.
Officials said the steps taken were aimed at stopping the intrusion, limiting the scope of data that could be accessed or extracted, and securing the system against additional attempts. Work is ongoing to restore the service under reinforced security conditions.
Individuals whose data may have been consulted will receive direct notification in the coming days. In parallel, contact has been established with French banking institutions to encourage heightened vigilance among customers.
The Directorate General of Public Finances said its information technology teams are fully mobilized and working closely with the Ministry of Finance’s High Official for Defense and Security as well as the National Cybersecurity Agency.
The incident has also been reported to the National Commission on Informatics and Liberty, France’s data protection authority, and a criminal complaint has been filed.
The tax administration stressed that it never requests login credentials or bank card numbers through messages. In case of doubt about the authenticity of a communication, users are advised to contact their tax office directly through the secure messaging service available in their online account or by telephone.
Officials further recommended that anyone who suspects fraudulent use of their personal data preserve all evidence, including messages, website addresses, and screenshots, and consult official resources dedicated to cybercrime prevention.
Read also: Abu Dhabi Finance Week Data Leak Exposes Passports of Global Leaders, Investors