Cyberattack Targets CNSS… Investigation Leads to Algerian “Hacker”

At the beginning of April, the National Social Security Fund (CNSS) experienced an unprecedented cyberattack that led to the leak of sensitive data concerning thousands of subscribers. The incident stirred significant concern in digital circles and raised serious questions about the security of citizens’ personal information.

Described as a “serious” breach, the attack targeted the organization’s information system and resulted in the publication of a massive file containing detailed data on approximately 500 companies and over 1.9 million employees. The file was widely circulated on Telegram channels.

Sources specialized in cybersecurity revealed that initial technical investigations pointed to the Algerian group “Jabroot,” a well-known collective in the cyberhacking scene. The leak is believed to have originated from one of their Telegram channels.

Interestingly, according to the same sources, the individual suspected of being directly responsible for the breach—who operates under the alias “3N16M4″—made a technical error during the file upload process. Specifically, they used the “Forward” function on Telegram, which allowed investigators to trace the origin of the leak and uncover their real identity.

In an official statement, the CNSS administration confirmed that the attack targeted the institution’s internal security protocols. They added that some of the documents being circulated were manipulated or taken out of context, and that the leaked data is currently undergoing thorough auditing.

The CNSS emphasized that the response to the incident was swift and professional. Emergency protocols were activated, and technical measures were implemented to protect and strengthen the information system. An internal administrative investigation has been launched, and the relevant judicial authorities have been informed.

In light of the increasing frequency of cyberattacks, a critical question resurfaces: Who is protecting Moroccans’ sensitive data?