A few months after the cyberattacks which targeted the Ministry of the Interior, having allowed hackers to access several sensitive files, the training platform of the national police, which depends on the same ministry, was the target of an intrusion. The information was revealed this week and the DGPN confirms, without specifying the extent of this “security incident”, that the personal and sensitive data of police officers were consulted.
A series of unprecedented cyberattacks. State platforms are increasingly targeted. At the end of 2025, a major cyberattack hit the French Ministry of the Interior, compromising its email servers via recklessly shared passwords and allowing illicit access to ultra-sensitive business applications, including the TAJ (Processing of criminal records) and the FPR (Wanted Persons File). A 22-year-old suspect is arrested, and Minister Laurent Nuñez recognizes a lack of “computer hygiene” despite regular alerts, leading to a generalization of strong authentication.
TAJ, FPR, FICOBA, SIA … and now the police
In the process, last January, a cyberattack targeted the HubEE platform, developed by the Interministerial Digital Directorate, a service of the Prime Minister placed under the authority of the Minister of Transformation and the Civil Service, to centralize the data submitted online by citizens during their administrative procedures and secure their exchanges with the authorities. Around 160,000 documents, some containing personal information, have been leaked, it has been announced.
The following February, another very sensitive administrative file, this time of a tax nature, was the subject of an intrusion. This is the FICOBA (National File of Bank Accounts and Similar), managed by the General Directorate of Public Finances (DGFIP) and listing personal data such as bank details (RIB / IBAN), the identity of the holder, his address and, in certain cases, the user’s tax identifier. The information of 1.2 million bank accounts was accessed by a cyberhacker, putting banking establishments on alert.
Not a month of 2026 went by without hacking of institutional platforms. At the end of March 2026, the Weapons Information System (SIA), a national file centralizing the data of legal firearm holders in France (categories A to D), including names, addresses, weapons stocks and transactions, suffered an intrusion via the compromised account of a partner company. Around 62,000 records were exfiltrated and put up for sale on the dark web, exposing owners to immediate risks of targeted theft and threatening public safety well beyond the purely financial issues of previous breaches.
The same month, between the 17th and 18th, another cyberattack targeted a platform whose data was also secure. The information was revealed on Wednesday by LCI and TF1. A malicious actor viewed the profiles of numerous people belonging to the national police.
176,000 police officers concerned?
This “security incident” targeted the national police online training platform (e-Campus), according to the General Directorate of the National Police (DGPN). “Measures were taken immediately” to contain a possible data leak, it is claimed.
Cet “Malicious actor” managed to consult the identification data of police officers still active, administrative agents and contract workers, from the training platform, continues the DGPN. This means that the names, first names, residential addresses, including National Police buildings and email addresses of people who have undergone training have been made accessible. The Ministry of the Interior’s e-campus platform is still under maintenance following this hack.
The victims were contacted to be informed and “investigations are still underway to assess the extent of this security incident,” it is further explained, without specifying the number of people concerned. Several media outlets report thousands, even tens of thousands of agents involved.
These attacks, which are by no means the first to target state institutions but which stand out for the ultra-sensitive nature of the data exposed, give the impression of a cyber-disarmed French state, where, despite the successive cyberattacks and the commitments that follow, the lessons have not been learned.
Leave a Reply