Leak at the French Ministry of the Interior
In December 2025, attackers compromised professional email accounts at France's Ministry of the Interior and accessed sensitive police files including the TAJ criminal-records and FPR wanted-persons databases; the ministry confirmed a few dozen files were exfiltrated while attackers claimed data on 16.4 million people.
- Victim
- French Ministry of the Interior
On 13 December 2025, France's Ministry of the Interior (Place Beauvau) — the central government department overseeing the national police, gendarmerie and internal security — disclosed that it had suffered a serious intrusion into its information systems. The breach was detected overnight between 11 and 12 December and confirmed publicly by Interior Minister Laurent Nuñez, who acknowledged that "a number of files important to us could be consulted."
The attackers gained a foothold by compromising professional email inboxes and recovering access credentials, which let them reach internal systems over the course of several days. From there they were able to consult highly sensitive law-enforcement databases. The minister attributed the initial compromise to human "carelessness" with security procedures rather than a sophisticated technical exploit.
Files and data reported as accessed include:
- The TAJ (Traitement des Antécédents Judiciaires) criminal-records database
- The FPR (Fichier des Personnes Recherchées) wanted-persons file
- Various internal documents and email content from compromised mailboxes
There was a sharp discrepancy over scale: on the BreachForums marketplace, threat actors claimed to have stolen data on 16,444,373 people from French police records and gave authorities roughly a week to negotiate before publishing. The ministry disputed these figures, stating that only a few dozen files were confirmed to have been exfiltrated. No ransom demand was acknowledged by officials.
A judicial investigation was opened, and on 17 December 2025 French authorities arrested a 22-year-old suspect (born 2003, with a prior 2025 conviction for similar offences), charged with unauthorised access to an automated personal-data processing system as part of an organised group. The incident was contained and the investigation remained ongoing at the time of reporting.
Sources
- rtl.frhttps://www.rtl.fr/actu/justice-faits-divers/un-assaillant-a-pu-penetrer-sur-un-certain-nombre-de-fichiers-sur-rtl-laurent-nu-ez-confirme-une-attaque-informatique-au-ministere-de-l-interieur-7900577003
- euronews.comhttps://www.euronews.com/2025/12/17/french-interior-ministry-targeted-in-massive-cyberattack-minister-confirms
- bleepingcomputer.comhttps://www.bleepingcomputer.com/news/security/france-arrests-suspect-tied-to-cyberattack-on-interior-ministry/
- therecord.mediahttps://therecord.media/france-interior-ministry-email-breach-investigation
- cybernews.comhttps://cybernews.com/security/france-interior-ministry-beauvau-data-breach/