A threat actor has since claimed responsibility for the attack on the encrypted platform Tchap.
The French government’s internal messaging service, Tchap, was hacked during a cyberattack. On June 7, the National Information Security Agency (ANSSI) learned that the encrypted messaging platform had been compromised, leading to an investigation by the Digital Directorate (DINUM), which developed and manages the application.
In a press release published by digital.gov, the site dedicated to France’s digital strategy, it was confirmed that the account behind the attack had been identified and blocked. The exact data they may have extracted is still under investigation, but a message has been sent to all Tchap users reminding them that content on public chat rooms is not encrypted.
If DINUM does of course not make public the origin of the flaw, Computer beeping reports that a malicious actor claimed responsibility and shared some of the stolen files. In addition to hard-coded LDAP credentials, the hacker claims to have stolen nearly 14 GB of documents and files shared by officials using Tchap, as well as email addresses, meeting links and general organizational data.
Tchap is a public messaging service based on the Matrix protocol. It was designed exclusively for the French public sector and offers end-to-end encryption on private conversations. The service was launched in 2019, and the recent security breach comes at a time when France is trying to stop relying on software not developed on its territory.
This year we saw the country abandon Windows in favor of Linux on its government desktops, and by next year a local alternative will replace Zoom and Microsoft Teams. The EU, of which France is a founding member state, is also reportedly considering stopping using Google as its default internal search engine, and replacing it with Quaint, developed in France.
