Overview
- Investigators report that an unidentified actor used a civil servant’s credentials to access parts of the national bank‑account registry (Ficoba), starting in late January.
- Exposed fields include IBAN/RIB, account holder identity and address, and in some cases a tax identifier, while balances were not accessible and transactions cannot be initiated via Ficoba.
- Banks and authorities say the dataset could enable targeted phishing, false‑advisor schemes, fraudulent SEPA mandates, or subscription takeovers, even though it cannot enable card payments or direct transfers.
- Bercy has restricted access, filed a complaint, informed the CNIL, and mobilized DGFiP and ANSSI to harden systems, with banks alerted to raise customer vigilance.
- DGFiP says affected users will be notified in the coming days and should monitor accounts, review authorized creditors, and dispute suspicious debits promptly, noting SEPA reimbursement rules apply.