Cyberattack Hits French Interior Ministry

French authorities are investigating a cyberattack that breached servers at the Interior Ministry and exposed classified law‑enforcement files.
Officials say the scale of the intrusion remains unclear, but early findings indicate that sensitive databases were accessed.
Security measures have been tightened as technical teams work to assess the damage.

Breach of Classified Law‑Enforcement Data

France’s Interior Minister Laurent Nuñez (pictured) confirmed that hackers accessed “dozens of classified files” during a cyberattack last week. The compromised material included data from criminal records and the national registry of wanted individuals. Nuñez told Franceinfo that investigators are still determining the full extent of the breach. He emphasized that these files are critical to law‑enforcement operations and require careful evaluation.

Authorities have so far identified several dozen files removed from the system, though millions of records may be affected. The minister described the incident as a “serious act” and stressed that the investigation is ongoing. Officials aim to establish precisely which datasets were accessed and whether any were exfiltrated. The attack has prompted immediate reinforcement of cybersecurity protocols across the ministry.

Email Systems and Internal Access Compromised

The Interior Ministry confirmed that the intrusion occurred during the night of December 11 to 12. Hackers reportedly gained unauthorized access to professional email accounts containing personal information. According to a statement to BFMTV, the stolen email data enabled access to certain business applications. This secondary access route may have facilitated deeper penetration into ministry systems.

French authorities have not disclosed who carried out the attack. They also declined to say whether the stolen data has been shared or misused. Security teams continue to analyze the breach while implementing measures to limit further risks. The ministry has increased monitoring and deployed additional safeguards to protect sensitive infrastructure.

Ongoing Investigation and Security Response

Technical specialists are conducting detailed examinations of affected servers. Their work includes tracing the attackers’ movements, identifying vulnerabilities and determining how much information was extracted. Officials say the investigation will take time due to the volume and sensitivity of the data involved. The ministry is coordinating with national cybersecurity agencies to strengthen defenses.

Nuñez reiterated that the priority is to understand the scope of the breach and prevent similar incidents. He noted that the attack highlights the growing threat posed by sophisticated cyber actors targeting government institutions. Additional protective measures are being introduced to reduce exposure to future intrusions. Authorities plan to release further information once the investigation progresses.