Tags : Morocco, JabarootDZ, hacking, CNSS, Siger, Mohamed Mounir El Majidi, Akhannouch, payslips, salaries,

Amidst growing geopolitical tensions between Algeria and Morocco, an unprecedented large-scale cyberattack targeted key Moroccan institutions on April 8th of this year. Claimed by the Algerian hacker collective « JabaRoot DZ, » the operation began with the intrusion of the Ministry of Employment’s website and then extended to the database of the National Social Security Fund (CNSS), leading to the publication of thousands of sensitive documents. North African beauty and wellness products

According to the CNSS, more than 54,000 PDF files and an Excel file were disseminated, exposing the personal information of nearly two million employees and the administrative data of approximately 500,000 Moroccan companies. Among the revealed documents were payslips detailing names, social security numbers, salaries, and sometimes identity card numbers.

Executives of major public and private entities, such as Royal Air Maroc or Attijariwafa Bank, as well as relatives of the royal family, had their data put online. Indeed, according to Moroccan media, the Banque Centrale Populaire, the Mohammed VI Investment Fund, Crédit du Maroc, Israel’s liaison office in Morocco, and Siger, the King’s personal holding company, were among the targeted entities. The King’s private secretary, Mohamed Mounir El Majidi, also had his salary leaked. The potential consequences of this cyberattack are numerous and serious.

This brutal revelation has highlighted the deep salary inequalities in the country, sparking a national debate on social justice, financial transparency, and the distribution of wealth. In parallel, the inability of public institutions to protect such sensitive data has reinforced an already palpable mistrust of their ability to secure information. The Akhannouch government now faces increasing pressure to explain the flaws in its system and implement concrete cybersecurity measures.

SERIOUS CONSEQUENCES

This operation has contributed to a marked erosion of citizens’ trust in public digital services, increasing concerns about the protection of their personal data. Also, the exposure of personal data such as names, social security numbers, and bank details significantly increases the risks of identity theft, phishing, and bank fraud for citizens. At the same time, the publication of sensitive files tarnishes the reputation of the Moroccan companies involved, compromising their business relationships and potentially leading to a loss of confidence from their partners and clients.

Finally, this massive leak highlights the weaknesses of national digital infrastructures, fostering growing mistrust in online public services and undermining confidence in the entire digital ecosystem. Mustapha Baitas, spokesperson for the Moroccan government, stressed: « This attack has a deliberate character in an already delicate diplomatic context, following the American recognition of Moroccan sovereignty over Western Sahara. »

The response from the Algerian hackers was immediate. On their Telegram channel, « JabaRoot DZ » justified the intrusion as a retaliation for a previous hacking of the Twitter account of the Algerian Press Agency (APS), attributed to Moroccan hackers after its suspension. The perpetrators threatened further actions in the event of future attacks against Algerian interests. The Ministry of Employment initially downplayed the extent of the attack, claiming that only public data was exposed, a position contested by the disclosure of internal payslips. North African beauty and wellness products

The CNSS, for its part, activated its cybersecurity protocol and opened an internal investigation to assess the extent of the breach. Beyond the violation of the privacy of millions of Moroccans, this incident highlights the vulnerabilities of national digital infrastructures, which could erode users’ trust in public services.

The CNSS has also warned Moroccan citizens that any malicious dissemination or use of the exposed data could be subject to legal action. Furthermore, this attack reinforces the specter of a new cyberattack. To prevent such incidents in the future, Moroccan authorities have announced a plan to strengthen cybersecurity, including regular audits and the upgrading of systems.

Tags: #Morocco #Hacking AlgerianHackers #cyberattack #CNSS #MinistereEmploi #Siger #ElMajidi #Akhannouch #JabaRootDZ