French Government Detects and Blocks Cyber Attack on Internal Tchap Messaging App
Hackers accessed the French public sector's encrypted messaging service Tchap, stealing nearly 14GB of documents and other data. The account used in the attack has been identified and blocked.
freepressjournal.inThe French government's internal messaging service Tchap was compromised in a cyber attack. On June 7 the French National Cybersecurity Agency (ANSSI) determined that the platform had been breached, prompting an investigation by the French Digital Affairs Directorate (DINUM), which developed and manages the app.
gov, officials confirmed that the account behind the attack had been identified and blocked.
All Tchap users received a message reminding them that the content of public chatrooms is not encrypted. A threat actor has claimed responsibility for the breach and shared some of the stolen files, according to Bleeping Computer. The hacker alleges stealing nearly 14GB of documents and files shared by public servants using Tchap, as well as email addresses, meeting links, general organization data, and hardcoded LDAP credentials.
Tchap is a state-owned messaging service based on the Matrix protocol. It was designed exclusively for the French public sector and features end-to-end encryption on private conversations. The service was launched in 2019.
The breach occurred as France continues efforts to reduce reliance on foreign software. This year the government replaced Windows with Linux on its workstations, and by next year a homegrown alternative is scheduled to replace Zoom and Microsoft Teams.
The EU, of which France is a founding member state, is also reportedly planning to stop using Google as its default in-house search engine, with France-developed Quaint taking its place.
