Agence France-Presse, one of the world's largest news organizations, has notified French regulators of a possible data breach following last week's cyber attack.
AFP News Agency, which has editorial offices in 260 cities in 150 countries, said in a brief statement on Saturday that it had detected an “attack on its systems” that affected some of its news distribution services to customers.
“AFP's technical team is working on this incident with support from the French National Information Systems Security Agency (ANSSI),” the organization said. “We are currently working to analyze and address this incident.”
AFP did not post further details about the incident or confirm whether customer data was compromised as a result of the attack. The news agency did not respond to TechCrunch's request for comment on the cybersecurity incident.
France's data protection authority, the National Freedom of Information Commission (CNIL), confirmed to TechCrunch that it had received notification of a possible data breach at AFP.
“We can confirm that CNIL has received notification from AFP regarding a possible data breach,” CNIL spokesperson Johan Brunet told TechCrunch in a statement.
Under the European data protection law, GDPR, French organizations must notify the CNIL within 72 hours of discovering a suspected or potential data breach.
It is still unclear what kind of data was accessed and how many people were affected, but some reports indicate that user credentials for AFP's file transfer (FTP) servers were compromised, leading to some AFP They claim that the content may have been accessible. The nature of the cyberattack also remains unclear, and no major cybercrime or ransomware group has yet laid charges over the incident.
Meanwhile, the AFP news agency said in a statement on Saturday: “We do not yet know who carried out this attack and why.”
AFP said parts of the organization's website remained down at the time of going to press, but it continued to provide news coverage around the world.