Particle.news

France's Tchap Messaging Platform Breached by Hijacked Account

Authorities blocked the compromised account and opened a forensic investigation to determine what public chat content was exposed.

Overview

  • France’s cybersecurity agency ANSSI detected the intrusion on June 7 and DINUM identified and immediately blocked the hijacked user account used to access Tchap.
  • Officials say the attacker’s access was limited to public chat rooms that are not end‑to‑end encrypted and that private, encrypted conversations should remain secure.
  • An individual posting online claimed to have taken roughly 73,000 accounts, 643,000 messages and about 13.5 GB of media but French authorities have not verified those figures.
  • DINUM has notified CNIL, alerted all Tchap users about the public-room exposure risk, and is analyzing event logs to map which conversations and files the account could reach.
  • Tchap is a state-managed platform made mandatory for civil servants in 2025, which increased its user base and makes the investigation important for government operations and personal data protection.