chargement...
On April 8, 2025, the Algerian hacker group JabaRoot DZ launched a series of cyberattacks on Moroccan institutions, in what may be the biggest data breach the country has ever seen. The main targets were the websites of the Ministry of Economic Inclusion and the National Social Security Fund (CNSS).
The group made its motivations clear: «This leak is a response to the hostile actions of Moroccan hackers who stole the Twitter account of the Algerian Press Service (APS) after it was banned by Twitter», they wrote on their Telegram channel.
Ministry seeks to reassure
The Ministry of Economic Inclusion confirmed that its website had been defaced by hackers identifying as Algerians. However, it downplayed the breach, stressing that the site is purely informational and does not contain professional or sensitive databases. «No personal or sensitive data has been compromised», it said in a statement.
But was the ministry too quick to make such claims, without conducting a proper audit to assess the damage? JabaRoot DZ wasted no time in challenging the ministry’s statement, publishing what it claimed were employee pay slips from the ministry. JabaRoot DZ published over 3,000 pay slips belonging to Ministry employees. Despite this, the Ministry denied the authenticity of the documents circulating online, claiming they had been wrongly attributed to its services.
CNSS Hit by Massive Data Breach
Just hours after the attack on the ministry, JabaRoot DZ claimed a far more serious intrusion—this time targeting CNSS. The group said it had accessed confidential documents, including salary declaration certificates from various companies and lists of employees by name.
Initial analysis suggests the breach involved an Excel file containing details on nearly 500,000 companies and around 53,576 PDF files. According to documents published by the hackers, the leaked data includes salary declarations from past years involving companies such as the royal holding SIGER, several banks, the Israeli Liaison Office in Morocco, and multiple Moroccan media outlets. Some of the files even reveal the declared salaries of high-profile individuals.
CNSS previously alerted by Yabiladi in 2020
This isn’t the first time CNSS has faced a data security incident. In January 2020, Yabiladi reported an unsecured access point exposing data for 3.5 million private sector users. The exposed information included ID numbers, addresses, bank account details, health reimbursement histories, and up to four years of salary records. After being alerted, CNSS's IT team quickly patched the vulnerability, and the National Commission for the Protection of Personal Data (CNDP) launched an investigation.
As of now, CNSS has not issued any official statement regarding the latest attack. But according to a Moroccan cybersecurity expert contacted by Yabiladi, it represents «the largest data leak in Morocco’s history». Authorities are currently assessing the extent of the breach and ramping up cybersecurity defenses to prevent future attacks.
This incident underscores just how vulnerable digital infrastructures can be in the face of cyber threats—especially against the backdrop of heightened tensions between Algeria and Morocco. JabaRoot DZ has already issued a warning: «Any future hostile action against Algerian interests will be met with even stronger responses».
