France’s Interior Ministry suffered a cyberattack that lasted several days, targeting its internal email accounts, Interior Minister Laurent Nuñez confirmed. The ministry, which employs nearly 300,000 people at its Place Beauvau headquarters, quickly detected the intrusion and began assessing its impact. Nuñez emphasized that while the attack was serious, authorities acted promptly, and security teams mobilized immediately to contain the breach. The incident highlights the growing threat of cyberattacks on government institutions and the challenges of protecting sensitive information in a digital age.
How Attackers Gained Access
According to Nuñez, hackers gained entry by compromising several professional email inboxes and obtaining access credentials. Once inside, they were able to view sensitive police files, including the Criminal Records Processing System (TAJ) and the Wanted Persons File (FPR). The minister explained that investigators are still determining the full scope of the breach, though it appears that only a few dozen files may have been removed. Nuñez added that officials cannot yet confirm whether ongoing investigations were affected, but he reassured the public that no lives were at risk and that no ransom demands were made.
Accountability, Response, and Ongoing Investigation
Nuñez attributed the breach to lapses in cybersecurity protocols, noting that even minor carelessness can compromise an entire system. Staff receive regular reminders about security measures, but the attack underscores how a few oversights can have major consequences. The cyberattack came to light after BFMTV reported suspicious activity on the ministry’s email servers. A hacker group then claimed, without providing evidence, to have accessed data from over 16 million people, a claim Nuñez firmly denied. The ministry reported the incident to CNIL, France’s data protection authority, and initiated an internal administrative review. France’s Anti-Cybercrime Office now leads the investigation, while judicial authorities work to identify the perpetrators and prevent future attacks.
