What Happened
France Travail, the French national employment agency, suffered a data breach on July 12, 2025, affecting the Kairos platform used by employers and training organizations to connect with job seekers. The breach exposed personal information of over 340,000 users, including names, postal addresses, email addresses, phone numbers, and France Travail identification numbers, though passwords and banking details remained secure. The attack was caused by an infostealer malware that compromised a user account belonging to a partner training organization, granting attackers access to the Kairos application. France Travail immediately shut down affected services upon discovery on July 13 and notified users via email on July 22, warning them to remain vigilant against potential phishing and social engineering attacks. This marked the second major breach for the agency in approximately two years, following a significantly larger incident in March 2024 that exposed 43 million records.
