On April 8, 2025, the cybercriminal known as Jabaroot announced on BreachForums the leak of sensitive data from Morocco's National Social Security Fund (CNSS). This breach exposes a staggering 53,000 PDF files and two CSV files, revealing detailed information about nearly 500,000 companies and 2 million employees, including personal identifiers like identification numbers and salaries.

Key Details of the Breach

• Nature of Data: The leaked dataset comprises financial and personal data, with documents dated as recently as November 2024. The breach includes bank details and full employee names.
• Potential Methods: The method of the attack remains unclear, but speculation suggests a possible zero-day exploit or a third-party software compromise.
• Threat Actor Profile: Jabaroot has quickly gained attention with a growing audience on Telegram, reaching over 8,000 subscribers. Investigations hint at the possibility that Jabaroot may be a computer engineer based in Germany, although they identify as being from Tunisia.

Geopolitical Context

Jabaroot claims that the breach is politically motivated, retaliating against Morocco for allegedly compromising the Twitter account of the Algerian Press Service. This incident reflects the increasing use of cyberattacks as political tools, blurring the lines between hacktivism and state-aligned actions.

How Zecurion Can Help Combat Data Loss

Third-party software compromises pose significant risks during such incidents. Zecurion, a vendor of Next Generation DLP, can help organizations detect, block, and mitigate these threats effectively. Here's how:

1. Monitoring & Controlling Data Flows
   • Detect Unauthorized Data Transfers: Zecurion tracks sensitive data movement, flagging suspicious transfers to unauthorized apps. For instance, if an employee tries to upload confidential files to unapproved cloud services, Zecurion blocks the transfer or alerts administrators.
   • Enforce Data Access Policies: The solution restricts access for third-party apps, ensuring sensitive data is only available to authorized users.
2. Preventing Data Exfiltration via Vulnerable Third-Party Apps
   • Block Risky File Transfers: Zecurion can immediately halt data transfers from compromised applications, stopping malware-infected plugins from exfiltrating information.
   • Encrypt Sensitive Data: Even if a third-party app is breached, Zecurion encrypts sensitive data, keeping it unreadable in the event of unauthorized access.
3. Identifying Shadow IT & Unapproved Software
   • Discover Risky Third-Party Tools: Zecurion scans networks to detect unauthorized applications, controlling their usage to mitigate breach risks.
   • Automate Compliance Enforcement: The solution ensures that only vetted third-party software is employed, maintaining an organization's security posture.
4. Behavioral Analysis & Anomaly Detection
   • Detect Insider Threats & Compromised Accounts: Zecurion flags unusual activities, like abnormal downloads from vendor accounts, helping to identify potential threats early.
   • AI-Powered Threat Detection: Utilizing machine learning, Zecurion identifies patterns of data leakage, even within encrypted traffic.
5. Compliance & Audit Readiness
   • Log All Data Interactions: The solution maintains comprehensive records of third-party data access for forensic analyses.
   • Automated Reporting: Zecurion generates audit trails that assist in compliance with regulations like GDPR or CCPA.

Contact us to find out how to protect your organization!