Cyberattack Confirmed on French Interior Ministry
The French Interior Ministry has confirmed a significant cyberattack that compromised its email servers, leading to unauthorized access to sensitive government databases. Interior Minister Laurent Nunez described the incident as 'very serious,' with investigations actively underway to determine the full scope and identify those responsible.
Details of the Intrusion
The cyberattack was detected overnight between December 11 and December 12, targeting the ministry's professional email systems. Minister Nunez confirmed that hackers gained access to 'dozens of confidential files,' specifically mentioning the Criminal Records Processing System (TAJ) and the Wanted Persons File (FPR). While attackers claimed to have exposed data on 16.4 million French citizens, the ministry disputes this figure, stating that initial technical investigations revealed only 'a few dozen files' were removed, though these could contain 'millions of data points.' The minister indicated that the intrusion was facilitated by weaknesses in 'digital hygiene,' including the sharing of passwords.
Investigation and Response
In response to the breach, the French authorities have initiated both a judicial investigation, led by the Paris Public Prosecutor's Office's anti-cybercrime unit, and an internal administrative inquiry. The National Commission for Information Technology and Civil Liberties (CNIL) has also been notified. Security measures have been immediately reinforced, including tightening access controls, strengthening security protocols, and implementing widespread two-factor authentication across the ministry's systems. Minister Nunez stated that no ransom demands have been received.
Suspects and Motives
A user on the cybercrime platform Breachforums, operating under the alias Indra, claimed responsibility for the attack, asserting it was an act of retaliation for the arrests of members of the 'ShinnyHunters/hollow' cybergang. Authorities are exploring various scenarios for the attack's origin, including foreign interference, hacktivism, and cybercrime. As of December 18, 2025, a 22-year-old man has been arrested in connection with the cyberattack. The attack reportedly lasted 'several days,' impacting a ministry that employs nearly 300,000 people.
9 Comments
Michelangelo
While it's positive they're investigating and have made an arrest, the breach itself points to alarming systemic weaknesses in government cybersecurity that need immediate, large-scale reform.
Leonardo
Too little, too late. Our private information is now compromised, thanks to them.
Raphael
Good to see the ministry being transparent about this serious breach.
Donatello
Blaming 'digital hygiene' is just deflecting. This is pure incompetence.
Raphael
They're clearly minimizing the damage. 'Millions of data points' is terrifying.
Eugene Alta
Another government failure! How can they be so careless with our data?
KittyKat
This incident is a wake-up call. Glad they're finally implementing 2FA.
Katchuka
Unacceptable! This ministry handles critical data; they should have top-tier security.
BuggaBoom
Important to acknowledge the seriousness. Investigations are absolutely necessary.