A newly surfaced post on a dark web forum claims that Morocco’s Caisse Nationale de Sécurité Sociale (CNSS) has once again suffered a data breach, raising fresh concerns about the security of sensitive national databases.
The threat actor behind the listing, Knee_Grow, shared what they describe as a 10,000-record sample containing family data and individual CNSS client records. They allege that the exposed information includes details such as family files, individual documents, and other personal identifiers.
The post specifically mocks CNSS’s two-factor authentication (2FA) system, calling it bypassable and ineffective. According to the actor, the breach originated from a “super secure and protected API” that instead exposed private citizen data.
The seller also threatened that if CNSS denies the breach—as they allegedly did in the earlier Jabaroot incident—they will leak the full dataset for sale. The threat includes claims of access to:
- 220,000+ family data records
- 750,000+ individual CNSS documents
This alleged breach, if confirmed, could have severe consequences for Moroccan citizens, as CNSS manages social security, health benefits, and personal identification information for millions of workers and their families.
Repeated exposures of CNSS data highlight not only the vulnerabilities within Morocco’s critical social security infrastructure but also the growing wave of cyberattacks targeting government systems in North Africa.