SNCF: railway workers’ data was stolen following a hack

The personal data of railway workers, stolen when an SNCF service provider was hacked, were broadcast on the dark web, the railway group said, calling on its employees to be vigilant.

“The attack did not specifically target the SNCF, but targeted a secure data exchange platform (MOVEit) used by an SNCF service provider”explained management in an internal briefing note, stating that it “affected several hundred major companies and government agencies around the world”.

The stolen data comes from files necessary for occupational medicine, stored at an approved health data host as required by the regulations, according to the SNCF. They include professional and personal contact details, certain data used by the group’s human resources (number, marital status, country of origin, type of contract, position, remuneration position, etc.), the Social Security number and certain health such as work stoppages in progress, occupational illnesses or specific medical follow-ups.

No bank data, pay slips or passwords are among the stolen data, management said.

The SNCF invites its agents to be even more vigilant than usual, certain data can be used to approach railway workers and extract money or sensitive data from them by putting them in confidence.

A large number of companies around the world have been affected in recent weeks by an attack against the MOVEit file transfer software, provided by Progress Software. Among the victims of this attack by the Russian hacker group Clop are companies such as the BBC, British Airways, Shell, Sony, the two audit and consulting firms PWC and EY, or the cybersecurity software publisher NortonLifeLock.