France’s Interior Ministry suffered a cyberattack that lasted several days, Interior Minister Laurent Nuñez confirmed. The attackers targeted professional email accounts at the Place Beauvau ministry, which employs nearly 300,000 people. Nuñez revealed the breach after officials noticed unusual activity in the ministry’s systems, explaining that the intrusion allowed hackers to access sensitive police information. While the ministry responded quickly, the attack highlighted vulnerabilities within internal communication networks and the challenges of protecting data in such a large institution.
The minister described the incident as a serious breach but emphasized that authorities acted promptly to contain it. Investigators immediately began working to understand the extent of the intrusion, secure compromised accounts, and prevent further unauthorized access. Nuñez reassured the public that, despite the severity of the attack, the safety of French citizens remained unaffected.
How Hackers Gained Access
According to Nuñez, the attackers broke into several professional email inboxes and obtained login credentials, which allowed them to reach critical police databases. Among the files exposed were the Criminal Records Processing System (TAJ) and the Wanted Persons File (FPR). Officials are still determining exactly how many files the hackers accessed or removed, but early estimates suggest only a few dozen.
Nuñez admitted he could not confirm whether the intrusion had affected ongoing investigations. However, he stressed that no ransom demand had been made and that the attack did not put anyone’s life in danger. He highlighted that even a small lapse in following security protocols can open the door to serious breaches, despite regular reminders to staff about digital security measures.
Investigation and Official Response
The attack came to public attention after BFMTV reported suspicious activity in the ministry’s email servers. Soon after, a hacker group claimed—without providing evidence—that it had accessed data on more than 16 million people. Nuñez rejected the claim as false and clarified that the ministry immediately notified CNIL, France’s data protection authority, as required by law. He also launched an internal administrative investigation to understand how the breach occurred.
France’s Anti-Cybercrime Office now leads the investigation, working alongside judicial authorities to quickly identify those responsible. Nuñez emphasized that uncovering the source of the attack remains a top priority and that the ministry will continue strengthening its cybersecurity measures to prevent future incidents.
