The attack, which lasted “several days,” targeted email accounts at the Place Beauvau ministry, which employs nearly 300,000 people, Interior Minister Laurent Nuñez said.
Cyberattack on French Interior Ministry Email Servers Compromises Dozens of Files
A cyberattack that targeted the French Interior Ministry’s email servers last week has compromised at least several dozen sensitive files, Interior Minister Laurent Nunez confirmed on Wednesday, acknowledging that the breach is more serious than authorities initially believed.
Earlier, on December 12, Nunez had stated that there was no evidence suggesting a significant compromise of the ministry’s systems. However, speaking to Franceinfo radio on Wednesday, he revised that assessment, describing the situation as “serious” and confirming that unauthorized access to internal data had indeed occurred.
“A few days ago, I said that we didn’t know whether there had been any compromises or not,” Nunez said. “Now we know that there have been compromises, but we still do not know the full extent of them.” According to the minister, the files accessed during the attack include criminal records, raising concerns about data sensitivity and potential misuse.
Authorities have not yet identified the perpetrators behind the cyberattack, and there is currently no indication whether a state-backed actor, organized cybercriminal group, or independent hackers were responsible. Nunez emphasized that investigations are ongoing to determine both the source of the intrusion and the scope of the data breach.
A judicial inquiry and an internal administrative investigation have been launched, and France’s data protection authority, the National Commission for Information Technology and Civil Liberties (CNIL), has been formally notified, as required under French and European data protection regulations.
While attempting to reassure the public, Nunez said there was no evidence at this stage that massive amounts of data had been exfiltrated. “I can tell you that there have not been millions of pieces of data extracted as of this morning,” he said, adding that authorities remain cautious and vigilant as forensic analysis of the systems continues.
The incident highlights growing cybersecurity challenges facing government institutions and underscores the importance of strengthening digital defenses amid an increasing number of cyber threats targeting public-sector infrastructure.
