French Government Messaging Service Tchap Breached in Cyber Attack
On June 7, France’s National Cybersecurity Agency (ANSSI) detected a breach in Tchap, the encrypted messaging platform used by the French public sector. The attack prompted an investigation by the Digital Affairs Directorate (DINUM), which oversees the app’s development and security.
In a statement published on numerique.gov, officials confirmed that the compromised account had been identified and blocked. While the full extent of the data exposure remains under investigation, all Tchap users were reminded that public chatroom content is not encrypted. The breach’s origin has not been disclosed, but a threat actor claimed responsibility, alleging the theft of nearly 14GB of files including hardcoded LDAP credentials, internal documents, email addresses, meeting links, and organizational data.
Launched in 2019, Tchap is a state-developed messaging service built on the Matrix protocol, offering end-to-end encryption for private conversations. The incident occurs as France accelerates efforts to reduce reliance on foreign software, transitioning government workstations from Windows to Linux and replacing Zoom and Microsoft Teams with a domestic alternative by 2025. The EU, meanwhile, is reportedly phasing out Google in favor of France’s Quaint as its default search engine.
LaSuite cybersecurity rating report: https://www.rankiteo.com/company/la-suite-gouv
"id": "LA-1781023366",
"linkid": "la-suite-gouv",
"type": "Breach",
"date": "6/2026",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'industry': 'Public Sector',
'location': 'France',
'name': 'Tchap (French Government Messaging Service)',
'type': 'Government Service'}],
'data_breach': {'data_encryption': 'Public chatroom content is not encrypted; '
'private conversations are end-to-end '
'encrypted',
'data_exfiltration': 'Alleged theft of nearly 14GB of files',
'personally_identifiable_information': 'Email addresses',
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Hardcoded LDAP credentials',
'Internal documents',
'Email addresses',
'Meeting links',
'Organizational data']},
'date_detected': '2024-06-07',
'date_publicly_disclosed': '2024-06-07',
'description': 'France’s National Cybersecurity Agency (ANSSI) detected a '
'breach in Tchap, the encrypted messaging platform used by the '
'French public sector. The attack prompted an investigation by '
'the Digital Affairs Directorate (DINUM). The compromised '
'account was identified and blocked, but the full extent of '
'data exposure remains under investigation. A threat actor '
'claimed responsibility, alleging the theft of nearly 14GB of '
'files including hardcoded LDAP credentials, internal '
'documents, email addresses, meeting links, and organizational '
'data.',
'impact': {'data_compromised': 'Nearly 14GB of files including hardcoded LDAP '
'credentials, internal documents, email '
'addresses, meeting links, and organizational '
'data',
'systems_affected': 'Tchap messaging platform'},
'investigation_status': 'Ongoing',
'references': [{'source': 'numerique.gov', 'url': 'https://numerique.gov'}],
'response': {'communication_strategy': 'Public statement on numerique.gov',
'containment_measures': 'Compromised account identified and '
'blocked',
'incident_response_plan_activated': 'Yes'},
'stakeholder_advisories': 'All Tchap users reminded that public chatroom '
'content is not encrypted',
'title': 'French Government Messaging Service Tchap Breached in Cyber Attack',
'type': 'Data Breach'}