Summary
The Agence France-Presse (AFP), a major global news agency, experienced a cyberattack that disrupted its IT systems and client content delivery services. While the agency confirmed that its worldwide news coverage remained unaffected, the attack raised concerns about potential data breaches and compromised credentials.
Following the incident, AFP notified French regulators of a potential data breach, adhering to GDPR requirements that mandate reporting within 72 hours of discovering such incidents. The French National Agency for IT Systems Security (ANSSI) is assisting AFP in addressing the attack, which occurred on September 28, 2024. Specific details regarding the nature of the attack, the perpetrators, and the extent of any data compromise remain unclear. Reports suggest that user credentials for AFP’s file transfer (FTP) servers might have been compromised, prompting the agency to advise partners to change their passwords and secure their systems. As cyberattacks have increasingly targeted French organizations this year, concerns about national cybersecurity are growing, particularly in the context of geopolitical tensions.
Incident Overview
- Date of Attack: September 28, 2024
- Affected Services: IT systems and content delivery for clients
- Investigation: Ongoing collaboration with ANSSI
Regulatory Response
- Notification: AFP has informed the Commission Nationale Informatique & Libertés (CNIL) of the potential breach.
- GDPR Compliance: The agency is following regulations that require timely reporting of data breaches.
Background Context
The attack on AFP is part of a broader trend of cyber incidents affecting French institutions, with several high-profile breaches reported earlier in the year. The French government has attributed many of these attacks to foreign actors, particularly amid rising tensions linked to geopolitical conflicts.
News agency AFP notifies French authorities of potential data breach
Oct. 2 / Tech Crunch / Focuses on AFP's regulatory compliance and potential data breach notification, offering insight into GDPR implications. The lack of detailed analysis on data compromise is a missed opportunity for deeper understanding. “ Agence France-Presse, one of the world’s largest news organizations, has notified French regulators of a potential data breach following a cyberattack last...
Media giant AFP hit by cyberattack impacting news delivery services
Sep. 30 / Bleepingcomputer / Highlights the impact of the cyberattack on AFP's client services while confirming that global news coverage remains intact. The inclusion of AFP's response and ongoing investigation adds depth. “ Global news agency AFP (Agence France-Presse) is warning that it suffered a cyberattack on Friday, which impacted IT systems and content delivery services...
French news agency AFP hit by cyberattack
Sep. 28 / Yahoo! News / Provides a concise overview of the incident, emphasizing the involvement of French cybersecurity agencies and the geopolitical context. However, it lacks detailed information on the nature of the attack. “ French news agency Agence France-Presse (AFP) has been hit by a cyberattack, the agency said in a statement on Saturday. The attack on AFP's IT system, which...