French authorities have arrested a 22-year-old suspect in connection with a cyberattack targeting France’s Ministry of the Interior, which compromised internal email servers and allowed access to official files. The investigation is ongoing, and the scope of any potential data exposure remains under review.
According to the Paris Public Prosecutor’s Office, the arrest took place on December 17, 2025, as part of an investigation led by the cybercrime unit. The suspect is charged with unauthorized access to an automated personal data processing system carried out by an organized group — an offense punishable by up to 10 years in prison under French law.
Investigators say the attack enabled access to certain internal email accounts and document files used by ministry staff. Authorities have not confirmed whether data was exfiltrated, stating that forensic analysis is still underway to determine the extent of the intrusion.
Prosecutors added that the suspect was already known to law enforcement and had been convicted earlier in 2025 for similar cyber offenses. The investigation is being handled by OFAC, France’s Office for Combating Cybercrime.
The breach drew public attention after claims were posted on the underground BreachForums platform, where an administrator alleged responsibility for the attack and claimed data on more than 16 million individuals had been stolen from French police records. French officials have disputed these claims, stating there is currently no evidence of mass data theft.
Interior Minister Laurent Nuñez described the incident as “very serious” but emphasized that, so far, only limited access to internal systems has been confirmed. Following the breach, the ministry implemented additional security measures and tightened access controls across its information systems.
The arrest highlights France’s intensified efforts to respond to cyber threats against critical government institutions. At the same time, the incident underscores ongoing risks associated with credential handling, internal email systems, and the human factor, which continue to play a significant role in successful cyber intrusions.
