A major data breach has compromised the systems of Morocco’s National Social Security Fund (CNSS), exposing sensitive personal and financial data of nearly 2 million citizens. The attack was reportedly carried out by a threat actor using the alias “Jabaroot”, who published the stolen data on a well-known dark web forum on April 8.
According to Resecurity, the leaked information includes full names, national ID and passport numbers, banking details, email addresses, and even salary information of employees across government institutions and private enterprises. Affected entities include the Ministry of Economy and Finance, Ministry of Health, AMDIE, and several EU-based companies operating in Morocco.
The leaked dataset, verified by cybersecurity researchers, was released in CSV and PDF formats, totaling personal data of over 1.99 million individuals. The files appear to have timestamps from November 29, 2024, suggesting the breach may have occurred months earlier. The motive remains unclear, though some analysts suggest potential espionage masked as hacktivism.
No official notification has been issued by CNSS or Moroccan regulators, raising concerns over transparency and incident response. Victims have not been informed, despite growing risks of identity theft, fraud, and social engineering targeting both individuals and employers.
Jabaroot also leaked salary details of government officials and tied the attack to regional tensions, referencing alleged cyber incidents between Algerian and Moroccan hackers.
This incident marks one of Morocco’s most significant cybersecurity breaches, with experts calling for stronger data protection laws, incident disclosure protocols, and proactive cybersecurity measures amid rising digitization.