A threat actor using the alias, darkMods, has posted a breach involving CNOPS (Caisse Nationale des Organismes de Prévoyance Sociale), Morocco’s national health insurance agency for public sector workers. According to the listing, the leaked data includes sensitive employee details such as:
- Full names
- CIN (Carte d’Identité Nationale / National ID numbers)
- CNI (presumably internal identification)
- Job positions
While the threat actor did not post the full dataset yet, they indicated that complete files would be leaked in due course. The exposure of national ID numbers alongside employee roles could open the door to serious risks, ranging from identity theft to targeted phishing campaigns.
This incident comes amid a wave of data breaches affecting North African institutions, once again spotlighting weaknesses in the region’s data security practices. We will continue to monitor for the eventual leak or potential resale of this data on other markets.