On July 26, 2025, Naval Group, France’s premier defense shipbuilder, experienced a severe cybersecurity breach resulting in the unauthorized leak of approximately **30 GB of sensitive internal data**, with attackers claiming possession of up to **1 TB more**. The exposed information reportedly includes **highly classified technical documents and combat system files** tied to critical French military assets, such as the **Suffren-class nuclear submarines** and **FREMM frigates**. While Naval Group asserted that no direct intrusion into its core IT infrastructure was confirmed and operational systems remained unaffected, the incident was classified as a **reputational attack** with potential long-term strategic risks. The breach has prompted a **full-scale investigation** in collaboration with French authorities to verify the authenticity of the leaked data and assess its broader implications for national security. The exposure of such sensitive defense-related intellectual property poses significant risks, including **espionage, competitive disadvantage, and erosion of trust** among international partners and clients. The incident underscores vulnerabilities in safeguarding **state-level military secrets**, raising concerns over future cyber threats targeting defense contractors.
Source: https://x.com/navalgroup/status/1949149936294998040/photo/2
TPRM report: https://www.rankiteo.com/company/naval-group
"id": "nav403092125",
"linkid": "naval-group",
"type": "Breach",
"date": "7/2025",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"{'affected_entities': [{'industry': 'defense/aerospace',
'location': 'France',
'name': 'Naval Group',
'type': 'defense contractor'}],
'data_breach': {'data_exfiltration': True,
'sensitivity_of_data': 'high (military/defense-related)',
'type_of_data_compromised': ['technical documents',
'combat system files']},
'date_detected': '2025-07-26',
'date_publicly_disclosed': '2025-07-26',
'description': 'In July 26, 2025, Naval Group, France’s leading defense '
'shipbuilder, suffered a major cybersecurity incident '
'involving the leak of approximately 30 GB of internal data, '
'with claims from the attackers that they possess up to 1 TB '
'more. The exposed information allegedly includes technical '
'documents and combat system files used in French submarines '
'and warships, such as the Suffren-class nuclear submarines '
'and FREMM frigates. While Naval Group stated that no '
'intrusion into its IT infrastructure has been confirmed and '
'operational systems remain unaffected, the breach is being '
'treated as a reputational attack.',
'impact': {'brand_reputation_impact': 'high (reputational attack)',
'data_compromised': ['technical documents',
'combat system files (submarines and '
'warships)'],
'operational_impact': 'none (operational systems reportedly '
'unaffected)'},
'initial_access_broker': {'high_value_targets': ['submarine combat systems',
'warship technical data']},
'investigation_status': 'ongoing (authenticity and impact assessment)',
'motivation': ['reputational damage', 'potential espionage'],
'ransomware': {'data_exfiltration': True},
'references': [{'date_accessed': '2025-07-26',
'source': '(Hypothetical) Cybersecurity News Report'}],
'regulatory_compliance': {'regulatory_notifications': ['French authorities']},
'response': {'communication_strategy': 'public statement (denial of IT '
'intrusion, operational systems '
'unaffected)',
'incident_response_plan_activated': True,
'law_enforcement_notified': True,
'third_party_assistance': ['French authorities']},
'title': 'Naval Group Data Leak (July 2025)',
'type': ['data breach', 'reputational attack']}