The Moroccan digital infrastructure has suffered what may be its most extensive cyberattack to date.
On Tuesday, an Algerian hacker group JabaRoot DZ, infiltrated the systems of several Moroccan institutions, including the Ministry of Economic Inclusion and the National Social Security Fund (CNSS).
While the ministry’s website was briefly defaced, the hackers claimed to have accessed and published sensitive information about Moroccan citizens, businesses, and high-level government institutions.
Hack fuelled by rising digital tensions with Algeria
According to Resecurity, a U.S.-based cybersecurity company investigating the breach, a threat actor operating under the alias “Jabaroot” infiltrated CNSS systems and exfiltrated large volumes of sensitive data. The files, published on underground forums and not offered for sale, suggest a motive rooted more in political retaliation or espionage than profit.
Related Post: Congo bolsters cybersecurity with $1.3 million
On Telegram, the hackers cited the suspension of the Algerian Press Service’s (APS) Twitter account, allegedly hijacked by Moroccan hackers, as justification for their actions.
This points to an intensifying digital rivalry between the two countries, layered over decades of political friction, especially concerning the Western Sahara dispute.
The attackers even published a controversial map dividing Morocco’s southern provinces, signaling clear alignment with separatist narratives supported by Algeria.
What was leaked
Resecurity confirmed the validity of the leaked data, which included CSV and PDF files revealing personally identifiable information (PII) of nearly 2 million citizens and data from over 500,000 Moroccan businesses.
The stolen records were reportedly compiled as early as November 2024 but only released recently, suggesting a deliberate strategy to maximize exposure.
Details exposed range from full names, ID numbers, bank account details, and salaries, to highly sensitive records involving employees from key state institutions.
Related Post: Google to boost Cloud security with $32 billion Wiz buyout
These include the Ministry of Economy and Finance, the Moroccan Pension Fund, the General Treasury of the Kingdom, and the Israeli Liaison Office in Rabat. Several foreign businesses operating in Morocco, including EU-based firms, were also caught in the breach.
The leak poses long-term risks: identity theft, banking fraud, and corporate espionage. Affected citizens have yet to receive official notifications or guidance, raising red flags about Morocco’s data breach response strategy.
Resecurity highlighted concerns over the lack of communication from Moroccan regulators and CNSS, especially given the confirmed exposure of critical PII.
Moroccan authorities deny
The Moroccan Ministry of Economic Inclusion dismissed the hack as superficial, stating no critical data was compromised. But shortly after, the hackers contradicted this with proof: pay slips and internal documents surfaced online. CNSS, for its part, has yet to issue a formal response as at the time of this report.
This lack of transparency has triggered concern among data protection advocates.
Citizens whose data may have been leaked still haven’t received notifications or guidance from regulatory bodies, which is raising serious questions about Morocco’s data breach response protocols.
Meanwhile, Moroccan hackers are reportedly launching counterattacks on Algerian platforms, suggesting this incident may be part of a larger pattern of ongoing digital warfare between the two rivals.
With hacking groups on both sides escalating their operations, cyberspace is quickly becoming the new front in the Morocco-Algeria conflict.
A wake-up call for Morocco’s cybersecurity strategy
This breach reveals deep vulnerabilities in Morocco’s digital infrastructure, especially in institutions responsible for managing critical citizen data. While this isn’t CNSS’s first experience with cybersecurity issues, a 2020 incident exposed data from over 3.5 million users. This recent attack dwarfs all previous breaches in scale and sensitivity.
The data dump confirms that Morocco has become an attractive target for sophisticated cyber actors with its growing digitization push. As Moroccan citizens and businesses absorb the fallout, this moment should serve as a national wake-up call.
Institutions must prioritize cybersecurity as a technical necessity and a cornerstone of public trust and sovereignty. The CNSS breach is not just about stolen data, it’s about how a digital crisis can quickly evolve into a political, social, and economic threat.