Hacker arrested over ties to France Interior Ministry data breach
French authorities have apprehended a 22-year-old hacker, allegedly linked to the recent data breach of the France’s Ministry of the Interior (Beauvau). Commentators note the French cybercriminal underworld is “on alert.”
The suspect, born in 2003, was arrested on December 17th, only a couple of days after attackers launched a revenge hacking campaign on the French government. According to the Paris Public Prosecutor’s Office, the suspect faces up to ten years behind bars.
“The suspect, born in 2003, is already known to the judicial authorities, having been convicted in 2025 for similar offences,” French authorities said.
The arrest was made over suspicions the individual was involved in “unlawful access to an automated data processing system by an organized group, following the cyberattack targeting the Ministry of the Interior.”
This could mean the suspect was not directly linked to the attack, but did download or otherwise obtain the data that the attackers may have stolen during the recent incident.
Un suspect a été interpellé dans l'enquête diligentée par la section de lutte contre la cybercriminalité du parquet de Paris, avec l'#OFAC, sur la cyberattaque au préjudice du ministère de l'intérieur pic.twitter.com/ibXryADz7B
undefined Parquet de Paris (@parquetdeParis) December 17, 2025
According to French ethical hacker Saxx, cybercriminal circles in France are on a “state of high alert,” following the arrest of the suspect. The ethical hacker also noted how quickly the Interior Ministry hackers changed their tune after the arrest.
While at first the attack was presented as revenge over earlier arrests of attackers tied to the “ShinnyHunters/hollow” cybergang, the attackers have now started to present themselves as threat researchers.
“I felt compelled to act this way because your security is deplorable. If a terrorist had obtained such access, the consequences would have been entirely different,” the attackers said in a message.
🚨🔴 Piratage Ministère de l'Intérieur : RIDEAU ! C'ÉTAIT DU GROS BLUFF... Les petits jeunes ont joué avec le feu et se sont brûlés 😬
undefined SaxX ¯\_(ツ)_/¯ (@_SaxX_) December 17, 2025
Les petits jeunes flippent énormément après l'arrestation de leur petit copain !
Ils viennent de mettre un message... surprenant... mais qui… pic.twitter.com/8x6FtKGoxN
Beauvau confirms data breach
Earlier this week, France’s Ministry of Interior confirmed to Cybernews it had suffered a “malicious intrusion” which is now being handled "at the highest level."
Meanwhile, attackers initially boasted that the hack involved information on millions of French citizens. While they did not specify what type of data may have been exposed, the allegedly compromised dataset most likely holds vast amounts of sensitive details, ranging from personally identifiable information (PII) to criminal records and confidential case details.
The message was later removed from Breachforums, as the website was decorated with an “under maintenance” banner. According to the attackers, they were forced to take down the forum over a wave of DDoS attacks.
After the initial reports, the attacker supposedly leaked millions of records stolen from the Caisse d’allocations familiales (CAF), a family-oriented sector of the French social security system. However, threat researchers doubt the legitimacy of the claims, noting numerous duplicates in the datasets.
Unlock more exclusive Cybernews content on YouTube.
