Forum alleges compromise of French Interior Ministry systems amid disputed breach details
BreachForums has officially resurfaced after a period of inactivity — and its return is marked by a high-profile claim targeting French authorities.
The forum’s administrators announced that they had compromised systems belonging to France’s Ministry of the Interior (Ministère de l’Intérieur), allegedly gaining access to police data covering more than 16.4 million individuals.
According to the claim, accessed databases include:
- TAJ (criminal records database)
- FPR (wanted persons database)
The group further asserted intrusion into systems associated with DGFIP (public finance administration) and CNAV (national pension authority).
Email Controversy
Part of the controversy surrounding the announcement involved an email sent to promote the forum’s return. The message appeared to originate from a domain associated with the French Interior Ministry.
Initial assumptions suggested standard email spoofing. However, subsequent analysis indicated that the email was transmitted using Amazon Simple Email Service (SES), implying potential access to a legitimate email account rather than simple sender forgery.
The French Interior Ministry acknowledged suspicious activity affecting its email infrastructure but downplayed the scale of any potential breach. Meanwhile, BreachForums has leveraged this acknowledgment to reinforce its narrative of a successful compromise.
Configuration Weakness
Reports indicated that the affected domain was operating with a DMARC policy set to “none,” a configuration that reduces protection against email abuse and may allow malicious or unauthorized messages to pass without rejection or quarantine.
Ongoing Investigation
At this stage, there is no independent confirmation regarding the actual volume or sensitivity of the data allegedly accessed or exfiltrated.
What remains evident is that BreachForums is attempting to reassert itself as a major actor within the cybercrime ecosystem through high-impact claims tied to national-level institutions.
The situation remains under investigation pending further technical verification.