In 2025, the threat actor Stormous claimed responsibility for a ransomware attack against the French government, resulting in a comprehensive leak of sensitive data including full email addresses and password hashes from several high-profile organizations such as Carsat, Finance, Retraite, and IGAS -AAF β AFT β ac-lyoun.fr β cnaf.fr β cnsa.fr. This incident highlights the severe cybersecurity vulnerabilities faced by Franceβs government institutions. #France
Incident Details
- Victim: French Gov 2025
- Country: FR
- Actor: stormous
- Source: http://6sf5xa7eso3e3vk46i5tpcqhnlayczztj7zjktzaztlotyy75zs6j7qd.onion/db-administrative
- Discovered: 2025-05-23 13:19:04.962350
- Published: 2025-05-23 13:17:38.216685
Information
- In 2025, the French government became a victim of ransomware attacks.
- Information leak includes full email addresses and password hashes.
- Multiple high-profile French government organizations were affected, including Carsat, Finance, Retraite, and IGAS.
- Leak also involves various domains such as AAF, AFT, ac-lyoun.fr, cnaf.fr, and cnsa.fr.
Disclaimer: This post is based on public claims made by the ransomware group "stormous". I cannot confirm the accuracy of the information. However, I would be happy to share any official statement from the affected organization to provide clarification.