Morocco’s social security agency has confirmed that a large volume of personal data was stolen in a cyberattack earlier this week, with sensitive information later leaked on the messaging platform Telegram.
The agency, which oversees pensions and insurance benefits for millions of private sector workers—ranging from factory employees to corporate executives—said initial investigations point to hackers successfully breaching its security systems.
In a statement, the agency did not identify those responsible but noted that many of the leaked documents were “misleading, inaccurate, or incomplete.”
The hackers who shared the data on Telegram claimed the breach was retaliation for what they described as Moroccan “harassment” of Algeria on social media. They warned of further attacks if Algerian platforms were targeted.
While Moroccan authorities have not officially attributed the cyberattack to any specific group, local media outlets suggest Algerian hackers may be behind the breach. They have framed the incident as part of an ongoing digital conflict between the two North African neighbors.
The leaked material reportedly includes salary data that, if verified, could highlight stark income disparities in Morocco—despite recent economic progress. Some documents allegedly contain financial details about executives of state-run companies, political figures, members of the royal family’s charitable foundations, and even the Israeli liaison office in Rabat.
In response to the leak, Morocco’s National Commission for the Protection of Personal Data announced it is prepared to investigate any complaints filed by individuals affected by the exposure.
