French authorities have disclosed a security breach affecting Tchap, the encrypted messaging platform used by government employees, after attackers gained access through a compromised user account.
The incident was revealed by France’s Interministerial Directorate for Digital Affairs (DINUM), which said the intrusion did not result from a flaw in the platform itself. Instead, attackers used credentials associated with a legitimate account to access the service.
Tchap is the French government’s internal messaging service and is used by public officials and government staff for communications. The platform was developed to provide a secure alternative to commercial messaging applications and has been promoted across government departments in recent years.
According to DINUM, the attackers relied on a hijacked account to gain access to the platform. The agency has not publicly identified the account holder or disclosed how the credentials were compromised. Authorities also have not said how long the attackers maintained access before the breach was detected.
The government has not reported evidence that Tchap’s underlying encryption was broken. The disclosed information indicates that the breach was limited to account-level access obtained through the compromised credentials.
French officials moved to contain the incident after discovering the unauthorized access. The affected account was secured, and an investigation was launched to determine the scope of the breach and whether additional accounts may have been impacted.
Authorities have not disclosed how many users were affected or whether any messages or data were accessed during the intrusion. The government has also not publicly attributed the attack to a specific threat actor.
The incident adds to a series of cybersecurity events affecting French public-sector organizations over the past year. However, in this case, officials said the breach stemmed from the compromise of a legitimate user account rather than a vulnerability in the messaging platform itself.
DINUM said the investigation into the incident is ongoing as authorities work to determine the full extent of the unauthorized access and any potential impact on users of the Tchap messaging service.