Algerian Hackers Breach Moroccan Government Website, Expose Employee Data

On Tuesday, a cyberattack targeted the website of the Moroccan Ministry of Economic Inclusion, Small Business, Employment and Skills, especially the National Social Security Fund (CNSS). The CNSS file of strategic and well-known entities, as well as the list of Moroccan employees, were revealed on a Telegram channel. In a statement, a group of Algerian hackers calling themselves "Jabaroot" claimed responsibility for the hacking of the Ministry of Employment.

The computer hacking is "a response to the Moroccan harassment of the official pages of Algerian social networks," the group explained, referring to the blocking of the account of the Algerian Press Agency (APS) on the X platform. The Algerian hackers also published a map of North Africa including the map of Morocco amputated from its Sahara.

The cyberattack temporarily disrupted access to the digital platform of the Moroccan Ministry of Employment. However, the ministry could have avoided this cyberattack. In a Facebook post dated April 3, a Moroccan expert had issued an early warning about the vulnerability of the ministry. He had developed three scenarios: "1. SQL injection attacks; 2. File modification (backdoors and malware); 3. Remote code execution." "The mere knowledge of the name of the database file constitutes a serious problem in itself," he had warned.

On the Moroccan side, hackers would have launched counter-attacks "targeting Algerian government websites, as well as websites belonging to the Polisario separatist front" in response to the cyberattack orchestrated by Algerian hackers.