According to DINUM, the digital affairs directorate of the French government, a total of 73,467 users of the French instant messaging service and collaboration tool Tchap have been affected by the recent breach.
-
France says 73,467 users of its Tchap messaging platform were affected.
-
The breach involved a compromised account used to access the system.
-
A hacker claims to have stolen messages, files, and internal chat rooms.
-
Authorities have not confirmed the attacker’s identity but say the account has been blocked.
Last week, DINUM disclosed that ANSSI, France’s cybersecurity agency, had discovered a security breach of Tchap. It was announced that the attacker used a compromised user account to gain access to the government’s encrypted messaging platform.
In its original report, DINUM didn’t say anything about the number of accounts that were compromised.
In a subsequent update, the French government says that 73,467 users were impacted by the incident, which is less than 9% of the 825,000 registered users. It also has more information about the data that may have been compromised.
“At this point, the account behind the malicious requests has been identified. It was immediately blocked in order to remove the attacker’s persistent access and allow in-depth analysis of the data they were able to access. Potentially exposed data from user accounts concerns at least: last name, first name, email address, belonging entity, and avatar,” DINUM explains.
Although DINUM hasn’t confirmed who’s responsible for the breach, a threat actor called “misere” claims to have stolen data from Tchap.
In a post on the dark web, misere claims that they obtained access through social engineering and exfiltrated 13.5GB of data. In addition, they claim that the stolen data includes 73,467 user accounts, 643,459 messages, 876 chat rooms with message history, and 59,386 shared media files.
Furthermore, the threat actor is said to have accessed discussion rooms involving personnel from multiple French ministries, including the Ministry of Finance, the Ministry of Defense, and the Prime Minister’s Office.
“Tchap remains a secure place for professional exchanges, provided that each user respects the terms of use. No personal, sensitive information or information covered by professional secrecy must be exchanged in public conversations: these exchanges must be reserved for private conversations,” DINUM concludes its most recent update regarding the security incident.
Unlock more exclusive Cybernews content on YouTube.
Your email address will not be published. Required fields are markedmarked