France’s Interior Ministry fell victim to a cyberattack that lasted several days, Interior Minister Laurent Nuñez revealed. The hackers targeted professional email accounts at the Place Beauvau ministry, which employs nearly 300,000 people. Nuñez confirmed the breach after ministry staff noticed suspicious activity in their systems, prompting immediate investigations. While the attack disrupted internal communications, authorities acted quickly to limit further exposure of sensitive data. The minister stressed that the breach, although serious, did not put citizens’ safety at risk.
Nuñez described the intrusion as a calculated effort to exploit lapses in internal security. He confirmed that judicial authorities have opened an investigation to identify the perpetrators and hold them accountable as swiftly as possible. Officials are still working to determine exactly which files were accessed or removed, and the full impact of the attack remains unclear.
How Hackers Gained Access to Sensitive Files
The attackers managed to access several professional email inboxes, recovering credentials that allowed them to penetrate protected systems. Once inside, they consulted critical police databases, including the Criminal Records Processing System (TAJ) and the Wanted Persons File (FPR). According to Nuñez, only a few dozen files may have been taken, but authorities are still verifying the extent of the compromise.
The minister could not confirm whether the breach might affect ongoing investigations but assured the public that lives were not endangered. No ransom demand followed the intrusion, suggesting the attack’s primary goal was data theft rather than extortion. Nuñez attributed the breach to “carelessness,” noting that repeated reminders about cybersecurity rules often go ignored, and even a small number of lapses can have serious consequences.
Investigations, Denials, and Government Response
The cyberattack first came to light when BFMTV reported suspicious activity on ministry email servers. Soon after, a group of hackers claimed, without evidence, that they had accessed data from more than 16 million people. Nuñez strongly denied the claim, calling it false, and emphasized that authorities have taken all legal steps to investigate the matter.
The ministry notified the CNIL, France’s data protection authority, as required by law, and Nuñez also initiated an internal administrative review. France’s Anti-Cybercrime Office (OFAC) now leads the official inquiry, coordinating with judicial authorities to identify the attackers and prevent similar incidents in the future. While the investigation continues, the ministry is reinforcing security measures and warning staff to follow proper protocols to avoid further breaches.
