Morocco is facing an escalating wave of cyberattacks, with recent breaches exposing sensitive government data and compromising tens of thousands of bank cards. The incidents highlight growing vulnerabilities in the country’s digital infrastructure and raise concerns about regional cyber warfare.
On Tuesday, the official website of Morocco’s Ministry of Economic Inclusion, Small Business, Employment, and Skills was targeted in a cyberattack. The breach affected the National Social Security Fund (CNSS), exposing employee records and other strategic documents. A Telegram channel linked to an Algerian hacking group, Jabaroot, claimed responsibility.
The group stated the attack was retaliation for Morocco’s alleged blocking of the Algerian Press Agency (APS) account on X (formerly Twitter). Alongside the leaked data, the hackers shared a map of North Africa that excluded Morocco’s claim to the Western Sahara — a politically charged alteration.
The attack temporarily disrupted the ministry’s digital services. However, cybersecurity experts noted that the breach could have been prevented. A Moroccan analyst had warned on April 3 about vulnerabilities in the ministry’s systems, citing risks such as SQL injection attacks and remote code execution.
In response, the CNSS issued a statement acknowledging the cyberattack but downplaying its impact. Initial assessments found that many leaked documents were “false, inaccurate, or truncated.” The agency activated security protocols to contain the breach and launched an internal investigation while notifying judicial authorities.
The CNSS urged citizens and media to avoid sharing leaked data, warning of legal consequences. Despite these assurances, the incident has fueled concerns over data security in government systems.
The government breach follows another major cybersecurity lapse in March, where data from more than 31,000 Moroccan bank cards surfaced on the dark web. According to Cypherleak, a cybersecurity monitoring firm, 21,657 of these cards included CVV codes, while 5,523 remained valid — posing a high risk of financial fraud.
While the affected banks were not named, the scale of the leak underscores weaknesses in Morocco’s financial data protections. Cybersecurity analysts warn that stolen card details are often sold on underground forums, enabling fraudulent transactions and identity theft.
Reports suggest Moroccan hackers retaliated by targeting Algerian government websites and platforms linked to the Polisario Front, a separatist group in Western Sahara. The tit-for-tat attacks reflect broader geopolitical tensions between Morocco and Algeria, which have long been at odds over regional influence and territorial disputes.