France’s national postal service fell victim to a cyberattack December 22, disrupting parcel distribution days before Christmas.
French authorities confirmed the attack was still ongoing the following day.
Minister Roland Lescure acknowledged the incident’s scale to media.
“We experienced a very strong first wave yesterday, particularly during the morning and early afternoon, which significantly disrupted services. Since last night and throughout the night, the intensity has decreased markedly, but the attack is not over. It is continuing at a lower level, but it is continuing,” he said today.
According to the French government, the attack was a distributed denial-of-service (DDoS) assault, designed to saturate servers rather than penetrate internal systems.
Lescure stressed customer data had not been compromised, while urging caution over attribution as to the perpetrators.
“Customer data has not been compromised. We are working with ANSSI and the intelligence services to identify the source. We will only communicate once we have certainty,” said Lescure.
The attack against the postal service follows a number of recent cyberattacks against key French public institutions.
France’s Ministry of the Interior confirmed hackers had accessed ministry computer systems containing “a number of files that are important to us,” including the Criminal Records Processing System (TAJ) and the Wanted Persons File (FPR).
The breach raised serious concerns about the security of the state’s most sensitive databases.
Earlier this month, France Travail, the national employment agency, disclosed a major data breach had affected more than 1 million individuals linked to the Missions Locales network.
The leaked data included surnames, first names, dates of birth, National Insurance numbers, France Travail identifiers, email and postal addresses, and telephone numbers.
“No passwords or bank details were extracted,” said France Travail and the National Union of Local Missions (UNML).
The national agency warned malicious “phishing” attacks through various channels (including emails, telephone, text messages) are commonplace, and maximum vigilance is required for those who may be targeted.
“Initial investigations reveal that the account of an agent, an account management manager at a local mission, was hacked,” explained France Travail.
France Travail has itself been hacked five times in the past six months.
As cyber incidents multiply, criticism is increasingly directed not only at institutions and companies, but also at France’s data protection watchdog, the CNIL.
On November 29, the association PURR (Pour un RGPD respecté) sent an open letter and petition to the CNIL, accusing it of failing in its mission for nearly a decade.
The organisation called for dissuasive sanctions and a complete overhaul of enforcement procedures.
“For two years now, not a day has gone by without our personal data being scattered to the four winds, victims of massive data leaks caused by the chronic, widespread and systemic lack of security in the vast majority of information systems” they added.
According to PURR, responsibility lies squarely with the regulator.
Since 2016, the CNIL has issued few sanctions; as a result, companies have little incentive to invest in cybersecurity, knowing that the risk of financial penalties is minimal.
The CNIL’s own report on cybercrime identifies a 60 per cent shortfall in the investment needed for adequate protection.
“Corporate self-regulation is completely dysfunctional, and massive data leaks (more than 150 referenced) are occurring one after another due to a lack of security, with increasingly dramatic consequences (undetectable phishing, fraud, burglary, identity theft, bank fraud, kidnapping in the street, etc.)” PURR said in its report.
The website Who leaked it today? says there have been more than 150 cyber attacks in France in 2025.
