Morocco's social security agency has reported a major cyberattack that resulted in a significant amount of its data being leaked to Telegram.

Initial investigations conducted by the Moroccan National Social Security Fund (CNSS) revealed that its IT systems were the target of a series of cyberattacks in which the threat actor "aimed at circumventing security measures," ultimately leading to the leak of the agency's data, according to a CNSS press release.

The CNSS is a public institution responsible for managing the social security plans for employees in Morocco's private sector.

Some Moroccan media outlets have reported that more than 54,000 files were stolen, exposing nearly 2 million people's information, though the CNSS has yet to confirm this. The files reportedly include names, national ID numbers, phone numbers, email addresses, bank account details, and more.

After viewing some of the documents that were posted to a public Telegram channel, CNSS has said that some of the materials appear to be "often false, inaccurate, or truncated."

The CNSS said its IT security protocol has been activated, and an internal administrative investigation is underway to look into the nature and scope of the breach. The agency has not publicly attributed the attack to a specific hacker or group; however, a threat actor using the name "JabaROOT" has claimed responsibility for the attacks.

Based on statements the threat actor made on Telegram, the breach appears to be politically motivated against Morocco for what they believe to be targeted cyber attacks against Algerian institutions online.

Endpoint protection vendor Resecurity said that the stolen data has since been uploaded to an underground forum on the Dark Web but has not yet been put up for sale.