French government messaging platform Tchap breached via hijacked account

Hackers gained unauthorized access to Tchap, the French government's secure messaging platform, by exploiting a compromised user account. The breach was detected by the French Cybersecurity Agency (ANSSI) and reported by the digital affairs directorate (DINUM). The incident has prompted an alert to France's data protection authority due to potential exposure of personal data, as reported by Bleeping Computer.

The attack on Tchap, a platform developed for the French public sector, reportedly involved a social engineering attack that compromised a user account. Threat actors claim to have accessed hardcoded LDAP credentials and exfiltrated over 13.5GB of documents and media files. They also allegedly scraped nearly 650,000 messages and data on over 73,000 accounts, including email addresses and metadata.

DINUM has blocked the compromised account and is investigating the extent of the data accessed. Users have been reminded that public chat rooms are not encrypted and should not be used for sensitive information. This incident follows a previous data breach involving a French government agency last month.

Source: Bleeping Computer