Hackers carried out a cyberattack against France’s Interior Ministry that lasted several days, Interior Minister Laurent Nuñez said.
The attackers focused on internal email accounts at the Place Beauvau ministry, which employs nearly 300,000 people nationwide.
Nuñez publicly confirmed the incident on Wednesday after internal teams identified the breach.
The cyberattack allowed unauthorized access to several professional email inboxes used by ministry staff.
Through those accounts, hackers reached sensitive police systems and internal files, according to the minister.
Nuñez addressed the incident during an interview with the Franceinfo news outlet.
He said authorities immediately launched a judicial investigation to identify those responsible.
Investigators aim to move quickly and prevent further damage to ministry systems.
How the Intrusion Unfolded Inside Police Networks
Attackers gained entry by accessing professional email inboxes belonging to ministry employees.
They recovered login credentials that granted deeper access to internal databases.
Nuñez said the intruders consulted several highly sensitive police files during the breach.
Those files included the Criminal Records Processing System, commonly known as the TAJ.
Hackers also accessed the Wanted Persons File, referred to as the FPR.
Authorities still cannot fully measure the scope of the compromise.
Nuñez said hackers may have extracted several dozen files from the systems.
Officials continue reviewing logs and systems to assess potential damage.
The minister said he could not confirm whether investigations suffered any impact.
However, he stressed that the breach did not endanger public safety.
Authorities received no ransom demands linked to the attack, Nuñez said.
Responsibility, Denials, and the Ongoing Investigation
Nuñez attributed the intrusion to human error rather than technical failure.
He said the ministry regularly reminds staff to follow strict cybersecurity rules.
A small number of people ignoring procedures can expose entire systems, he explained.
The attack targeted internal email servers over several days without immediate detection.
Last week, BFMTV revealed that officials had discovered suspicious activity on those servers.
After the report, a hacker group claimed access to data covering more than 16 million people.
The group provided no evidence to support its claim.
Nuñez firmly denied the allegation and described it as false.
The ministry notified the CNIL, France’s data protection authority, as required by law.
Nuñez also ordered a separate administrative investigation into the incident.
France’s Anti-Cybercrime Office now leads the investigation into the cyberattack.
