TZUTC: -0500
MSGID: 1840.consprcy@1:2320/105 2da6a2a2
PID: Synchronet 3.21a-Linux master/123f2d28a Jul 12 2025 GCC 12.2.0
TID: SBBSecho 3.28-Linux master/123f2d28a Jul 12 2025 GCC 12.2.0
BBSID: CAPCITY2
CHRS: ASCII 1
FORMAT: flowed
French government hit by cyberattack - Interior Ministry confirms email
systems hit

Date:
Tue, 16 Dec 2025 10:26:52 +0000

Description:
Speculation rises over the identity and motives of unknown hackers.

FULL STORY

The French Interior Ministry has confirmed recently suffering a cyberattack,
but the consequences are still being determined. 

The French Minister of Interior said the attack took place at night, between
December 11 and December 12. Email servers were compromised, allowing threat
actors to access some document files. However, it is currently unclear if 
they managed to steal anything and if so - what exactly. 

"There was indeed a cyberattack. An attacker was able to access a number of
files. So we implemented the usual protection procedures," Interior Minister
Laurent Nuez told local radio station RTL Radio . "It could be foreign
interference, it could be people who want to challenge the authorities and
show that they are capable of accessing systems, and it could also be
cybercrime. At this point, we don't know what it is."

Was it the Russians? 

Other than that, details are scarce, as it isn't known exactly who was
responsible, or what they were looking for. 

Initial reports speculate the attack might have been the work of APT28, an
advanced persistent threat actor linked to Russia's Military Intelligence
Service (GRU). Also known as Fancy Bear or Forest Blizzard, APT28 has been
attributed to many high-profile cyber-espionage campaigns throughout the 
West. 

For example, a recent report from the French National Agency for the Security
of Information Systems (ANSSI), APT28 usually targets government agencies,
research firms, think-tanks, and businesses in the French Defence
Technological and Industrial Base. 

They also target aerospace organizations, and other firms in finance and
economy. For years, APT28 was targeting Roundcube email servers as well,
harvesting vital data from governments and diplomats across North America and
Europe. 

In July 2025, the UK National Cyber Security Centre (NCSC) warned about APT28
targeting Microsoft 365 accounts with specialized malware called Authentic
Antics. 

======================================================================
Link to news story:
https://www.techradar.com/pro/security/french-government-hit-by-cyberattack-in
terior-ministry-confirms-email-systems-hit

$$
--- SBBSecho 3.28-Linux
 * Origin: Capitol City Online (1:2320/105)
SEEN-BY: 105/81 106/201 128/187 129/14 305 153/7715 154/110 218/700
SEEN-BY: 226/30 227/114 229/110 134 206 300 307 317 400 426 428 470
SEEN-BY: 229/664 700 705 266/512 291/111 320/219 322/757 342/200 396/45
SEEN-BY: 460/58 633/280 712/848 902/26 2320/0 105 304 3634/12 5075/35
PATH: 2320/105 229/426