{"id":269014,"date":"2026-06-10T04:26:00","date_gmt":"2026-06-10T08:26:00","guid":{"rendered":"https:\/\/news-you-need.com\/index.php\/2026\/06\/10\/frances-government-messaging-app-tchap-got-breached\/"},"modified":"2026-06-10T04:50:13","modified_gmt":"2026-06-10T08:50:13","slug":"frances-government-messaging-app-tchap-got-breached","status":"publish","type":"post","link":"https:\/\/news-you-need.com\/index.php\/2026\/06\/10\/frances-government-messaging-app-tchap-got-breached\/","title":{"rendered":"France’s Government Messaging App Tchap Got Breached"},"content":{"rendered":"

France’s Government Messaging App Tchap Got Breached<\/a><\/p>\n

https:\/\/securityaffairs.com\/193393\/security\/frances-government-messaging-app-tchap-got-breached.html<\/a><\/p>\n

Publish Date: 2026-06-10 04:26:00<\/a><\/p>\n

Source Domain: securityaffairs.com<\/a><\/p>\n

France\u2019s Government Messaging App Tchap Got Breached<\/h2>\n<\/p>\n

\t\t\t\t\t\t\t Pierluigi Paganini<\/span>
\n\t\t\t\t\t\t\t\"\"\/ June 10, 2026<\/span><\/p>\n

\t\t\t\t\t\t\"\"\/<\/p>\n

France\u2019s government chat app Tchap was breached after a single account was compromised, exposing messages and data from public channels.<\/h2>\n

Tchap, the encrypted messaging platform developed by the French government for its civil servants and made mandatory last year, was breached on June 7. ANSSI, France\u2019s cybersecurity agency, detected the intrusion. The vector was straightforward: someone compromised a user account and used it to access the platform. No sophisticated technical exploit, just a stolen account.<\/p>\n

The attacker claimed responsibility over the weekend before the French Digital Affairs Directorate (DINUM) made any official announcement. They said they got in through a social engineering attack targeting the education shard, specifically matrix.agent.education.tchap.gouv.fr. Their own description of what they found is the more alarming part: they claim to have scraped nearly 650,000 messages, information on over 73,000 accounts, including email addresses and device metadata, and over 13.5GB of documents and media files. <\/p>\n

\"TchapSource: Frenchbreaches.com<\/p>\n

They also allege they found hardcoded LDAP credentials leaked via a PowerShell script shared by a regional director of the French tax authority.<\/p>\n

\u201cI social engineered a valid account on the education shard (matrix.agent.education.tchap.gouv.fr). Everything below is what that one account could reach, other shards will have more,\u201d reads the announcement made by the attackers.<\/p>\n

\ud83d\udd34\ud83c\uddeb\ud83c\uddf7 ALERTE \u2014 La messagerie gouvernementale Tchap serait vis\u00e9e par une fuite de donn\u00e9es impliquant plus de 73 000 agents de l’\u00c9tat, 643 000 messages et pr\u00e8s de 3 ans d’\u00e9changes internes.<\/p>\n

Tchap est la messagerie officielle de l’administration fran\u00e7aise. Elle est notamment\u2026 pic.twitter.com\/jtiN0hS1LF<\/p>\n

\u2014 Seb (@seblatombe) June 8, 2026<\/p>\n

DINUM\u2019s…<\/p>\n

Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

France’s Government Messaging App Tchap Got Breached https:\/\/securityaffairs.com\/193393\/security\/frances-government-messaging-app-tchap-got-breached.html Publish Date: 2026-06-10 04:26:00 Source Domain: securityaffairs.com…<\/p>\n","protected":false},"author":1,"featured_media":269015,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/securityaffairs.com\/wp-content\/uploads\/2018\/12\/travel-alert-registry-france.jpg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[24,31],"class_list":["post-269014","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-cybersecurity","tag-exploit"],"_links":{"self":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/269014"}],"collection":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=269014"}],"version-history":[{"count":1,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/269014\/revisions"}],"predecessor-version":[{"id":269016,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/269014\/revisions\/269016"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/269015"}],"wp:attachment":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=269014"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=269014"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=269014"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}