Earlier this month, a historic Moroccan cybersecurity breach shook the nation, marking the most severe digital attack in its history. The target was the Caisse Nationale de Sécurité Sociale (CNSS), Morocco’s key agency for managing social benefits for private-sector workers. The breach exposed sensitive personal information of nearly 2 million individuals and data from around 40,000 businesses covering close to 4 million employees.
CNSS, founded in 1961, handles everything from healthcare and pensions to unemployment, maternity, and disability benefits. Because of this, it stores a huge amount of sensitive data on Moroccan citizens and businesses.
This breach raised alarms across the country, especially as Morocco adopts more digital services. The incident revealed serious issues in data protection, government crisis communication, and public transparency. So far, officials haven’t informed many victims, leaving them vulnerable and damaging trust in government systems.
The hacker, known as “Jabaroot,” leaked the stolen data on a Dark Web forum in PDF and CSV formats. They made no attempt to sell it, suggesting political or espionage motives over financial gain. Resecurity, a cybersecurity firm, called it a politically motivated cyber-attack. They named it Morocco’s most serious breach due to the data’s scale and sensitivity.
The leak revealed names, ID numbers, passport details, phone numbers, emails, salaries, and banking data. It also exposed internal files and employee records from major businesses and government departments.
The breach affected staff from the Finance, Health, Food Safety, and SME departments. Resecurity warned scammers may use the leaked data for identity theft, financial fraud, and phishing scams.
The hacker suggested this attack was revenge for Moroccan hackers targeting an Algerian state news agency. This follows a pattern of cyber hostilities between Moroccan and Algerian digital groups.
The files included salary data of top officials and accused them of hiding the breach’s true scale. One leaked archive dated November 29, 2024, raised suspicion of an earlier, unreported breach.
Resecurity verified the data’s authenticity by cross-checking it with clients and internal sources. Yet, CNSS and regulators haven’t officially informed affected individuals or provided protection steps.
This silence sparked public concern over privacy, accountability, and consumer rights. Experts fear scammers may already be using the data to impersonate citizens or run phishing attacks.
The leak affects not just Moroccans, but also foreign workers and businesses in Morocco. Experts say this could strain international trade and diplomatic relations.
Morocco’s data authority, CNDP, acknowledged the breach and called the data’s use illegal. Despite this, the government has taken little legal or regulatory action so far.
Resecurity is helping police investigate. They suspect a state-backed cyber group may be involved. These groups often hide behind hacktivist motives to avoid detection and blame.
This breach shows signs of deep political intent and organized digital espionage. Two years ago, CNSS had already warned the public about scammers posing as staff. They promised legal action then—a promise that now feels more urgent than ever.
Also read: India Plans to Replace Old SIM Cards Over Security Concerns After Chinese Chip Discovery
