The French travel agency Voyageurs du monde was the victim of a cyberattack last May. Result: 10,000 passports and numerous confidential customer data were published on the Dark Web.

The French travel agency Voyageurs du monde was the victim of a cyberattack last May. Result: 10,000 passports and numerous confidential customer data were published on the Dark Web.

Large companies are regularly the target of cyberattacks because they have a lot of personal data, which represents a real gold mine for hackers. Lastpass, Acer, Deezer, Twitter… Everyone had the right! And it is not the current context that will improve things, on the contrary! Since the start of the war in Ukraine, the number of cyberattacks against companies and public bodies has increased by 140% in Europe since February 2022. This time, it is the turn of the French travel agency Voyageurs du World – which is known for organizing tailor-made journeys – to be targeted. Indeed, she was the victim, on May 16, of a major data theft, which was orchestrated by Lockbit. This group of Russian-speaking hackers, which was also behind the attacks against Thales in late 2022 and against Mac users with ransomware in April 2023, said they stole no less than “10,000 passports and tons of confidential data”as reported France info. As usual, the hackers demanded a ransom, which the French tour operator categorically refused to pay. Result: everything was published on the Dark Web!

French passports on the Dark Web: the door open to identity theft

After the attack, Travelers of the world had however affirmed in his press release that“there is nothing to tell us that our customers’ data has been stolen”. The theft of personal data, the majority of which belongs to French customers, was finally confirmed by the travel agency. In fact, this one said on May 30 that “The in-depth analysis of our data – which required several days of work – indicates that the data of certain passports has been stolen and published”, following his refusal to pay the ransom – a reaction that is advised by cybersecurity experts, in order not to feed the system of cybercriminals and give them the means to improve their attacks. However, she wants to be reassuring, saying that “the information published by our attacker is very limited” and that the attack only concerned “2% of customers”which mainly come from the “Travel to local authorities” activity. “The customers concerned will be informed directly, knowing that the biometric data, which remains confidential, ensures their security.“, she continues. Finally, she specifies that no sensitive information – namely bank data – is in the hands of hackers.

In the hands of malicious people, stolen data can lead to even more elaborate phishing campaigns, identity theft or the taking out of loans. The Paris prosecutor’s office indicates that it has opened a preliminary investigation opened on May 30.i for “criminal association to commit a felony or misdemeanor punishable by five when imprisonment”, “organized gang extortion”, “obstructs the operation of a STAD” (automated data processing system) and “fraudulent access and maintenance in a STAD”. The investigation was entrusted to the Directorate General of the National Gendarmerie (DGGN), in conjunction with the Central Directorate of the Judicial Police (DCPJ).