Major Cybersecurity Incident Hits French Government Database
In a significant breach of digital security, France's Ministry of Economics, Finance and Industrial and Digital Sovereignty has disclosed that an unidentified attacker successfully infiltrated the national database containing records of every bank account in the country. The cybercriminal managed to exfiltrate approximately 1.2 million records, raising serious concerns about data protection and financial privacy.
Details of the Attack and Immediate Response
The incident occurred in late January 2026, when malicious actors utilized stolen credentials to impersonate a civil servant with authorized access rights. This allowed them to view a portion of the FICOBA (national bank account file), which lists all accounts held in French banking institutions. The compromised data includes sensitive personal information such as bank details (RIB/IBAN), account holder identities, and addresses. Notably, tax identification numbers were not accessed during this unauthorized intrusion.
Upon detecting the breach, the Directorate General of Public Finances (DGFiP) implemented immediate access restrictions to halt the attack, limit data extraction, and prevent further unauthorized access. The Ministry emphasized that efforts are underway to restore services with enhanced security measures. Affected individuals will receive personalized notifications in the coming days to alert them that their data may have been compromised.
Coordinated Efforts and Legal Actions
French authorities have mobilized a comprehensive response to address this cybersecurity crisis. The IT teams at DGFiP are working in close collaboration with the Ministry of Finance's Senior Defense and Security Official's office (HFDS) and the National Cybersecurity Agency of France (ANSSI) to investigate the incident and fortify the information system's defenses. Additionally, contact has been established with banking institutions to heighten customer awareness regarding the need for increased vigilance.
The incident has been formally reported to the National Commission for Information Technology and Civil Liberties (CNIL), and a legal complaint has been filed. This multi-agency approach underscores the severity of the breach and the government's commitment to safeguarding citizen data.
Security Recommendations for Affected Users
In light of this data breach, French authorities have issued critical security tips to help users protect themselves from potential scams and fraud:
- Beware of Phishing Attempts: Numerous scams are circulating via email or SMS, targeting individuals and businesses alike. If you receive suspicious messages, do not reply directly. Always verify the authenticity through official channels.
- Official Communication Protocols: The tax authorities will never request login details or bank card numbers via text message. Even if the sender appears to be from DGFiP, contact your tax office directly using the secure messaging system in your online account or by phone to confirm the message's legitimacy.
- Document Suspicious Activity: If you suspect fraudulent use of your personal data, preserve all evidence, including messages, website addresses, and screenshots. For additional resources and guidance, visit the official website cybermalveillance.gouv.fr.
This incident highlights the ongoing challenges in cybersecurity and the importance of robust data protection measures in an increasingly digital world.
