Summary:

On 8 April 2025, Moroccan authorities opened an investigation into a cyberattack on government institutions including the National Social Security Fund and the Ministry of Employment.  

The hacking operation resulted in the leak of private information of 500,000 companies and two million employees including names, email addresses, identity card numbers, and bank details. The leak also targeted influential leaders like the CEO of Royal Air Maroc. 

The attack was attributed to an Algerian group of hackers under the name of “Jabaroot DZ.” The group published the leaked data on Telegram, citing the hostile takeover of Algeria’s national news agency’s X account by Moroccan hackers as justification for the breach. Moroccan authorities later claimed that the content of the leaked documents “was often false, inaccurate, or truncated,” without stating further details.  

Outlook: 

Moroccan authorities are likely to try to minimize the effects of the leak, however the cyberattack exposes the vulnerability of Moroccan information systems. 

The breach is likely to undermine confidence in Moroccan institutions as a secure place with which to do business. Moreover, the breach is a blow Morocco’s efforts to build confidence in its capacity to host international events and investments.  

The cyberattack also highlights the effects that the animosity between Algeria and Morocco can have on citizens and enterprises. The fact that hackers acted on behalf of the Algerian state by claiming to defend the country reflects the danger of the conflict being transferred from the state level to private actors, thus risking uncontrolled escalation. 

Explore our services or speak with our team of North Africa-based risk experts.