{"id":8479,"date":"2026-06-12T15:49:11","date_gmt":"2026-06-12T15:49:11","guid":{"rendered":"https:\/\/cybersecurityinfocus.com\/?p=8479"},"modified":"2026-06-12T15:49:11","modified_gmt":"2026-06-12T15:49:11","slug":"french-governments-secure-messaging-system-breached","status":"publish","type":"post","link":"https:\/\/cybersecurityinfocus.com\/?p=8479","title":{"rendered":"French government\u2019s secure messaging system breached"},"content":{"rendered":"
\n
\n
\n
\n
<\/div>\n

An intruder has breached the French government\u2019s encrypted messaging service, Tchap, showing once again that human error is a weak spot<\/a> in any security system.<\/p>\n

Tchap was developed in France as an example of national sovereignty and was designed to be a more secure option than WhatsApp for communication between government employees.<\/p>\n

In this case, it wasn\u2019t the technology that was at fault, but a user: The intruder gained access to the system by taking over their account, according to DINUM<\/a>, the French government\u2019s interministerial digital directorate.<\/p>\n

DINUM said it has blocked the affected user\u2019s access and is investigating how much information has been revealed. While the system\u2019s encryption was not broken, the intruder would have been able to view unencrypted public chat rooms accessible to the account taken over, potentially affecting 73,467 of the system\u2019s 825,000 users, DINUM said.<\/p>\n

That matches at least part of a post on X (formerly Twitter) reporting the intruder\u2019s claim to have accessed the account of a Tchap user in the education sector through social engineering<\/a>, exposing 73,467 user accounts, 643,459 messages, 876 chat rooms with message history, and 59,386 media files totalling 13.51 GB, including references to documents marked \u201cDiffusion Restreinte\u201d (restricted distribution).<\/p>\n

DINUM said that it had reminded all Tchap users that public chat rooms are accessible to any user and are not encrypted, so all participants should refrain from any sensitive or confidential information.<\/p>\n\n<\/div>\n<\/div>\n<\/div>\n<\/div>","protected":false},"excerpt":{"rendered":"

An intruder has breached the French government\u2019s encrypted messaging service, Tchap, showing once again that human error is a weak spot in any security system. Tchap was developed in France as an example of national sovereignty and was designed to be a more secure option than WhatsApp for communication between government employees. In this case, […]<\/p>\n","protected":false},"author":0,"featured_media":8480,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[],"class_list":["post-8479","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-education"],"_links":{"self":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts\/8479"}],"collection":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=8479"}],"version-history":[{"count":0,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts\/8479\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/media\/8480"}],"wp:attachment":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=8479"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=8479"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=8479"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}