France’s Interior Ministry experienced a cyberattack that lasted several days, targeting the professional email accounts of ministry employees. Interior Minister Laurent Nuñez confirmed that the intrusion affected Place Beauvau, which employs nearly 300,000 people. Officials first noticed unusual activity on the ministry’s servers last week, and the full scope of the attack is still under investigation. While the breach caused concern, Nuñez emphasized that authorities responded quickly to contain the situation and prevent further damage.
According to Nuñez, the hackers gained access to internal email systems and were able to view sensitive police files. He reassured the public that, despite the intrusion, there is currently no evidence the attack endangered the lives of citizens. At this point, investigators have not received any ransom demands, and the ministry continues to monitor the situation closely.
How Hackers Accessed Sensitive Data
The minister explained that the attackers exploited weaknesses in email account security, recovering login credentials that allowed them to enter professional inboxes. From there, they gained access to highly sensitive files used by law enforcement, including the Criminal Records Processing System (TAJ) and the Wanted Persons File (FPR). Nuñez acknowledged that investigators still cannot determine the full extent of the breach, but they estimate that a few dozen files may have been removed from the system.
Nuñez admitted that human error played a role in the attack. Despite repeated reminders about cybersecurity protocols, even a small lapse by staff can allow attackers to penetrate secure systems. He stressed that the ministry is reviewing internal procedures to prevent similar incidents in the future and is taking all necessary measures to strengthen security.
Investigation and Official Responses
The cyberattack gained public attention after BFMTV reported the suspicious activity on ministry servers. Soon after, a hacker group claimed to have accessed data belonging to more than 16 million people, though they provided no evidence to support the claim. Nuñez dismissed the claim as false and confirmed that the ministry has referred the matter to the CNIL, France’s data protection authority, as required by law.
An internal administrative investigation is underway alongside a judicial inquiry, which aims to identify and prosecute the perpetrators quickly. France’s Anti-Cybercrime Office (OFAC) now leads the official investigation, working with other authorities to assess the impact of the breach and ensure that similar incidents do not happen again.
