Hackers launched a cyberattack against France’s Interior Ministry that lasted several days, Interior Minister Laurent Nuñez said. The attackers focused on professional email accounts used inside the Place Beauvau ministry, which employs close to 300,000 people. Nuñez confirmed the incident publicly on Wednesday, explaining that internal teams detected the intrusion only after suspicious activity appeared on ministry systems.
France’s Interior Ministry discovered the attack days after it began. The breach allowed unauthorized access to internal email inboxes and opened a path toward sensitive police files. Speaking to Franceinfo, Nuñez described the incident as a malicious intrusion and said authorities immediately opened a judicial investigation to identify those responsible as quickly as possible.
How Email Accounts Opened the Door to Police Files
According to Nuñez, attackers gained entry by accessing several professional email inboxes belonging to ministry staff. They recovered login credentials that gave them broader access to internal platforms. Once inside, the hackers consulted multiple sensitive databases used by police services.
These systems included the Criminal Records Processing System, known as TAJ, and the Wanted Persons File, or FPR. Nuñez said investigators still cannot measure the full extent of the breach. At this stage, officials believe the attackers may have removed several dozen files, though the exact number remains unclear.
The minister said he could not confirm whether the intrusion disrupted ongoing investigations. However, he stressed that the breach did not place the public at risk. Authorities also received no ransom demand, which suggested the attackers did not pursue financial extortion.
Official Reactions, Denials, and the Ongoing Investigation
Nuñez attributed the intrusion to lapses in basic security practices, despite repeated reminders issued to staff. He said a small number of individuals failing to follow established rules can expose an entire system. The attack remained active for several days before detection.
Last week, BFMTV reported that the ministry had identified suspicious activity targeting its email servers. Shortly afterward, a hacker group claimed access to personal data linked to more than 16 million people listed in police files. The group offered no evidence to support the claim.
Nuñez rejected the allegation and called it false. He confirmed the ministry reported the incident to the CNIL, France’s data protection authority, as required by law. He also ordered an internal administrative review. France’s Anti-Cybercrime Office now leads the investigation into the breach.
