cyber Cyber Attack

Centreon: KARE 11

Apr 23, 2026 2 min read
Centreon: KARE 11

Cyberattack Targets French Government Agencies via Compromised Software Update

A sophisticated cyberattack recently disrupted operations across multiple French government agencies after attackers exploited a compromised software update. The incident, detected in early June 2024, involved malicious actors infiltrating the supply chain of a widely used administrative software provider, Centreon, to distribute malware to its clients.

The attack primarily affected agencies relying on Centreon’s IT monitoring tools, with initial reports indicating disruptions in data access and system functionality. French cybersecurity agency ANSSI (Agence Nationale de la Sécurité des Systèmes d’Information) confirmed the breach stemmed from a trojanized update pushed to users, allowing threat actors to gain persistent access to internal networks.

While the full scope of the compromise remains under investigation, early findings suggest the attackers sought to exfiltrate sensitive administrative data rather than deploy ransomware. ANSSI has attributed the attack to a state-sponsored group, citing tactics consistent with advanced persistent threat (APT) actors. No specific nation-state has been publicly named.

The incident underscores the growing risk of supply chain attacks, where trusted software vendors become unwitting vectors for cyber espionage. French authorities have since issued emergency patches and urged affected agencies to isolate compromised systems, though the long-term impact on government operations is still being assessed.

Source: https://www.kare11.com/article/syndication/associatedpress/health-data-of-500000-members-of-a-uk-project-offered-for-sale-online-in-china/616-09270b88-4054-4ae3-9b47-3f77ab1f4d39

Centreon TPRM report: https://www.rankiteo.com/company/centreonsoftware

"id": "cen1776969023",
"linkid": "centreonsoftware",
"type": "Cyber Attack",
"date": "4/2026",
"severity": "100",
"impact": "6",
"explanation": "Attack threatening the economy of geographical region"
{'affected_entities': [{'industry': 'Public Sector',
                        'location': 'France',
                        'name': 'French government agencies',
                        'type': 'Government'},
                       {'customers_affected': 'Multiple government agencies',
                        'industry': 'IT Monitoring',
                        'location': 'France',
                        'name': 'Centreon',
                        'type': 'Software Provider'}],
 'attack_vector': 'Compromised software update',
 'data_breach': {'data_exfiltration': 'Yes',
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': 'Sensitive administrative data'},
 'date_detected': '2024-06-early',
 'description': 'A sophisticated cyberattack recently disrupted operations '
                'across multiple French government agencies after attackers '
                'exploited a compromised software update. The incident '
                'involved malicious actors infiltrating the supply chain of a '
                'widely used administrative software provider, Centreon, to '
                'distribute malware to its clients. The attack primarily '
                'affected agencies relying on Centreon’s IT monitoring tools, '
                'with disruptions in data access and system functionality. '
                'French cybersecurity agency ANSSI confirmed the breach '
                'stemmed from a trojanized update pushed to users, allowing '
                'threat actors to gain persistent access to internal networks. '
                'The attackers sought to exfiltrate sensitive administrative '
                'data rather than deploy ransomware. ANSSI attributed the '
                'attack to a state-sponsored group, citing tactics consistent '
                'with advanced persistent threat (APT) actors.',
 'impact': {'data_compromised': 'Sensitive administrative data',
            'operational_impact': 'Disruptions in data access and system '
                                  'functionality',
            'systems_affected': 'IT monitoring tools, internal networks'},
 'investigation_status': 'Ongoing',
 'lessons_learned': 'Growing risk of supply chain attacks where trusted '
                    'software vendors become unwitting vectors for cyber '
                    'espionage',
 'motivation': 'Cyber espionage',
 'post_incident_analysis': {'root_causes': 'Compromised software update '
                                           '(trojanized)'},
 'references': [{'source': 'ANSSI (Agence Nationale de la Sécurité des '
                           'Systèmes d’Information)'}],
 'response': {'containment_measures': 'Isolate compromised systems, emergency '
                                      'patches issued'},
 'threat_actor': 'State-sponsored APT group',
 'title': 'Cyberattack Targets French Government Agencies via Compromised '
          'Software Update',
 'type': 'Supply Chain Attack',
 'vulnerability_exploited': 'Trojanized update'}
Published by
Jeremy C
Jeremy C
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.