• Home
  • cyber
  • French Interior Ministry: French government hit by cyberattack - Interior Ministry confirms email systems hit
cyber Cyber Attack

French Interior Ministry: French government hit by cyberattack - Interior Ministry confirms email systems hit

Dec 12, 2025 2 min read
French Interior Ministry: French government hit by cyberattack - Interior Ministry confirms email systems hit

**French Interior Ministry Hit by Suspected APT28 Cyberattack**

The French Interior Ministry confirmed a cyberattack targeting its email servers and internal files between December 11 and 12, though the full extent of data theft remains unclear. Interior Minister Laurent Nuñez acknowledged the breach, stating that threat actors accessed unspecified documents but did not confirm whether any data was exfiltrated. Possible motives include foreign interference, hacktivism, or cybercrime, though no definitive attribution has been made.

Initial reports suggest APT28 (also known as Fancy Bear or Forest Blizzard), a Russian state-linked advanced persistent threat (APT) group, may be responsible. The group, tied to Russia’s GRU, has a history of targeting French government entities, defense contractors, aerospace firms, and financial institutions. A recent ANSSI report highlighted APT28’s focus on Roundcube email servers, which aligns with the compromised systems in this incident.

In July 2025, the UK’s NCSC warned of APT28’s use of Authentic Antics malware to infiltrate Microsoft 365 accounts, further underscoring the group’s evolving tactics. While investigations continue, the attack raises concerns about persistent cyber-espionage threats to European governments.

Source: https://www.techradar.com/pro/security/french-government-hit-by-cyberattack-interior-ministry-confirms-email-systems-hit

French Interior Ministry TPRM report: https://www.rankiteo.com/company/minist%C3%A8re-de-lint%C3%A9rieur

"id": "min1765886149",
"linkid": "minist%C3%A8re-de-lint%C3%A9rieur",
"type": "Cyber Attack",
"date": "12/2025",
"severity": "100",
"impact": "6",
"explanation": "Attack threatening the economy of geographical region"
{'affected_entities': [{'industry': 'Government',
                        'location': 'France',
                        'name': 'French Interior Ministry',
                        'type': 'Government Agency'}],
 'attack_vector': 'Email servers',
 'data_breach': {'type_of_data_compromised': 'Internal document files'},
 'date_detected': '2023-12-12',
 'description': 'The French Interior Ministry confirmed a cyberattack between '
                'December 11 and December 12, compromising email servers and '
                'accessing internal document files. The extent of data theft '
                'remains unknown.',
 'impact': {'data_compromised': 'Internal document files',
            'systems_affected': 'Email servers'},
 'investigation_status': 'Ongoing',
 'motivation': ['Foreign interference',
                'Cyber espionage',
                'Challenging authorities'],
 'references': [{'source': 'TechRadar Pro'},
                {'source': 'RTL Radio'},
                {'source': 'French National Agency for the Security of '
                           'Information Systems (ANSSI)'},
                {'source': 'UK National Cyber Security Centre (NCSC)'}],
 'response': {'containment_measures': 'Usual protection procedures implemented',
              'incident_response_plan_activated': 'Yes'},
 'threat_actor': 'APT28 (Fancy Bear/Forest Blizzard)',
 'title': 'French Interior Ministry Cyberattack',
 'type': 'Cyber Espionage'}
Published by
Jeremy C
Jeremy C
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.