Agence France-Presse, one of the world’s largest news organizations, has notified French regulators of a potential data breach following a cyberattack last week.
The AFP, which has an editorial presence in 260 cities across 150 countries, said in a brief statement on Saturday that it detected an “attack on its systems” that affected part of its news delivery service to clients.
“AFP’s technical teams are working on the incident with the support of the French National Agency for IT Systems Security (ANSSI),” the organization said. “We are currently working to analyse and deal with this incident.”
The AFP hasn’t posted any further details about the incident, nor has it confirmed whether any customer data has been compromised as a result of the attack. The news agency has not responded to TechCrunch’s requests for comment regarding the cybersecurity incident.
The French data protection agency, Commission Nationale Informatique & Libertés (CNIL), confirmed to TechCrunch that it has received notice of a potential data breach at the AFP.
“I can confirm that CNIL had received notice from the AFP regarding a potential breach of data,” CNIL spokesperson Yohann Brunet told TechCrunch in a statement.
Under GDPR, Europe’s data protection law, French organizations must notify the CNIL of suspected or potential data breaches within 72 hours of discovery.
It’s not yet known what types of data may have been accessed or how many people have been affected, though some reports claim that user credentials for the AFP’s file transfer (FTP) servers may have been compromised, allowing access to some AFP content. The nature of the cyberattack also remains unknown and the incident has not yet been claimed by any major cybercrime or ransomware group.
For its part, the AFP said in its Saturday statement that “it is not yet known who carried out this attack or why.”
The AFP says it continues to provide news coverage across the world, though parts of the organization’s website remain down at the time of publication.