A surprise alert came from Paris when officials revealed a security flaw in Tchap, the nation’s encrypted chat system. Through a hijacked login, intruders slipped inside without immediate detection. Only later did analysts at the country's cyber defense unit spot unusual activity.
Their probe began quietly, tracing paths taken and files touched during the unauthorized visit. Questions now linger about what data could have been seen or copied in the gap before discovery.
Starting in 2018, France's DINUM introduced Tchap alongside the country’s cybersecurity body, ANSSI. Built on the Matrix protocol, this tool serves only state workers and official institutions through secure chats and teamwork functions. Since launch, usage has expanded, now counting above 300,000 people logging in each month, with half a million installs on Android alone. Growth picked up speed when Prime Minister François Bayrou advised staff to switch work conversations to Tchap rather than rely on non-European apps.
Later that week, signs of intrusion appeared on the platform: ANSSI spotted irregular behavior tied to one logged-in profile. That channel was shut down fast, stopping further breaches. From there, scrutiny turned to stored records, checking what exchanges or documents might have leaked. Though control slipped briefly, the response narrowed the risk without delay.
Even though no breach occurred, France's digital agency reached out to CNIL due to possible exposure of personal details via the app. While public discussions remain accessible to verified participants, those conversations lack encryption safeguards. Because privacy risks exist, officials emphasize handling delicate data strictly within protected one-on-one exchanges. Only secured channels offer the level of protection needed for such content.
Over the weekend, someone took credit for the incident, saying they got in by manipulating people rather than exploiting code. Though officials haven’t shared specifics about how it happened, the claim points to deception as the entry method.
Access reportedly began with an account tied to Tchap’s school-focused systems. From there, information visible within that account was gathered without permission. Among the claims made was access to hardcoded LDAP credentials, left exposed inside a PowerShell script shared by a state employee.
Large volumes of data, over 13 gigabytes, were then reportedly copied, spanning both documents and multimedia content. From those materials emerged close to 650,000 individual messages. Account-related records tied to over seventy-three thousand users were pulled out, revealing emails, affiliations, scheduled call URLs, and background system logs.
A separate assertion pointed to how easily such scripts could expose sensitive internal structures. Investigators are still examining the reports and working to measure how far the effects reach. When hackers trick users or steal logins, even encrypted messaging apps can fail, and this case shows it once again.