- The French government-only chat app Tchap was breached through the theft of a valid account; The attacker claims that 13.5 GB were exfiltrated
- The alleged loot includes 73,000 accounts, more than 640,000 messages, more than 800 chat rooms; private chats encrypted, public rooms not
- ANSSI and DINUM investigate amid broader warnings about spying by state-run messaging apps
A chat app used exclusively by French government employees was apparently hacked and hundreds of thousands of messages were allegedly leaked, and authorities are now investigating these claims.
In 2025, French Prime Minister François Bayrou banned the use of foreign chat apps, such as WhatsApp or Signal, for work communication. Instead, employees were asked to use Tchap, an instant messaging and collaboration tool created by DINUM, the French government’s digital affairs directorate, and ANSSI, France’s cybersecurity agency.
The app is a fork of Riot and is available only to users with a .gov address. Apparently, the application has more than 300,000 monthly users, as well as more than 500,000 downloads on the Google Play Store.
“misere” claims non-compliance
A threat actor with the alias “misere” recently took to the dark web to claim the attack, saying they used social engineering to extract 13.5GB of data from the app.
Among the stolen data were 73,467 user accounts, 643,459 messages, 876 chat rooms with message history and 59,386 shared media files. They also claimed to have accessed discussion rooms in which staff from several French ministries participated.
Meanwhile, ANSSI confirmed that the app suffered a security breach and said initial reports were about a valid account being stolen. The agency said private conversations on the app are encrypted, but public conversations are not.
DINUM added that it was now investigating the incident.
In March 2026, the General Intelligence and Security Service (AIVD), the Netherlands’ main civilian intelligence and security agency, warned of a major ongoing cyber espionage campaign by Russian spies, in which they are attempting to gain access to Signal and WhatsApp accounts belonging to dignitaries, military personnel and public officials, including Dutch government employees.
A few weeks later, both the FBI and CISA warned about the same thing, urging US government employees to be careful with their mobile apps.
Through cyber news
The best antivirus for all budgets
Follow TechRadar on Google News and add us as a preferred source to receive news, reviews and opinions from our experts in your feeds.
