Rankiteo Logo
Rankiteo
Leader in Cyber Underwriting
Loading...
NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop
WindowsmacOSLinux
Download
French Ministry for Armed Forces

French Ministry for Armed Forces Vendor Cyber Rating & Cyber Score

gouv.fr

Welcome to the english page of the French Ministry for Armed Forces. Follow us on: https://twitter.com/Defense_gouv https://www.facebook.com/MinistereDesArmees


FMAF A.I CyberSecurity Scoring

FMAF
Company Information
Website:http://www.defense.gouv.fr/
Employees number:1,121
Number of followers:0
NAICS:336414
Industry Type:Defense and Space Manufacturing
Homepage:gouv.fr
FMAF Risk Score (AI oriented)
Between 700 and 749
logo
FMAFDefense and Space Manufacturing
Updated:
13/07/2026
719/1000
Moderate
Ba
AaaAaABaaBaBCaaCaC
Powered by our proprietary A.I cyber incident model
Insurance prefers TPRM score to calculate premium
FMAF Global Score (TPRM)
xxxx
logo
FMAFDefense and Space Manufacturing
•••
Score locked
Instant access to detailed risk factors
Vulnerabilities
Benchmark vs. industry & size peers
Findings

FMAF
FMAFModerate
Current Score
719Ba (MODERATE)
01000
6 incidents
-27.75 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
719Before Incident
JUNE 2026
791Before Incident
Breach
07 Jun 2026FMAF
ANSSI, DINUM and French Tax Authority: French govt messaging service breached in account hijacking attack

French Government’s Secure Messaging Platform Tchap Breached via Compromised Account

719After Incident
CRITICAL-72
ANSFREDIR1781008517
French Government’s Secure Messaging Platform Tchap Breached via Compromised Account The French government’s encrypted messaging platform, Tchap, was breached after hackers gained access using a hijacked user account. Developed by DINUM (the digital affairs directorate) in collaboration with ANSSI (France’s cybersecurity agency) in 2018, Tchap is a Matrix-based secure messaging tool exclusively for the French public sector, with over 300,000 monthly users and 500,000 Play Store downloads as of 2025. The breach was detected by ANSSI on Sunday, prompting DINUM to disclose the incident on Monday. The attacker accessed the platform through a compromised account, potentially exposing personal data shared in conversations. DINUM has notified CNIL (France’s data protection authority) and warned users that public chat rooms are unencrypted and accessible to any user, advising against sharing sensitive information in them. While the compromised account was immediately blocked, the investigation is ongoing to determine the extent of the breach. A threat actor later claimed responsibility, stating they gained access via social engineering on the education shard (matrix.agent.education.tchap.gouv.fr). The attacker alleged they exfiltrated: - Hardcoded LDAP credentials from a PowerShell script shared by a French tax authority official. - 13.5GB of documents and media files shared by public servants. - Nearly 650,000 messages and metadata from 73,000+ accounts, including emails, organizational details, meeting links, and device information. The attacker also claimed that all files shared on Tchap were downloadable without authentication, regardless of the shard hosting them. DINUM has not confirmed these details, and the incident remains under investigation. This breach follows a recent cyberattack on ANTS (France’s national agency for secure documents), where a 15-year-old was detained last month for allegedly selling stolen data.
INCIDENT DETAILS -
TYPE
Data Breach
IMPACT
Data Compromised: Personal data, documents, media files, messages, metadata (emails, organizational details, meeting links, device information)Systems Affected: Tchap secure messaging platform (Matrix-based)Operational Impact: Compromised account blocked, ongoing investigationBrand Reputation Impact: Potential reputational damage to French government’s secure communicationsIdentity Theft Risk: High (exposure of emails, organizational details, and device information)
DATA BREACH
Personal dataDocumentsMedia filesMessagesMetadata (emails, organizational details, meeting links, device information)Number Of Records Exposed: 650,000+ messages, 13.5GB of filesSensitivity Of Data: High (government communications, personally identifiable information)Data Encryption: Public chat rooms unencrypted; other data encryption status unclearDocumentsMedia files
Breach
07 Jun 2026FMAF
Interministerial Directorate for Digital Affairs, French Government, Ministry of Finance, Ministry of Interior, Ministry of Education and Ministry of Defense: Tchap Messenger Breach Exposes Data of 73,000+ French Government Employees

French Government’s Secure Messaging Platform Tchap Breached, 13.51 GB of Data Exfiltrated

719After Incident
CRITICAL-72
DIRIFIFRE1781260189
French Government’s Secure Messaging Platform Tchap Breached, 13.51 GB of Data Exfiltrated A threat actor operating under the alias misere has claimed responsibility for compromising Tchap, the encrypted messaging platform used by the French government, allegedly stealing 13.51 GB of sensitive internal data. The breach, detected by France’s national cybersecurity agency (ANSSI) on June 7, 2026, targeted the platform’s education ministry shard (matrix.agent.education.tchap.gouv.fr) via a hijacked user account obtained through social engineering. Developed by the Interministerial Directorate for Digital Affairs (DINUM) and built on the Matrix/Synapse open-source protocol, Tchap was mandated for all French public officials in September 2025 as a sovereign alternative to commercial apps like Signal and WhatsApp. With over 825,000 registered civil servants across ministries, the platform supports end-to-end encryption for private conversations but leaves public chat rooms unencrypted. The attacker exploited Tchap’s non-shard-isolated user directory, allowing them to enumerate 73,467 government accounts across all ministries. From the compromised education ministry account, they scraped 643,459 messages from accessible rooms, 876 discussion channels, and 59,386 media files including 90 instances of "Diffusion Restreinte", France’s restricted government classification level. Exposed data also included internal Zoom and Webex meeting links, device metadata, and communications from key ministries, including Interior, Finance, Defense, Justice, and National Education. DINUM confirmed that the breach exposed personal data such as full names, government email addresses, organizational affiliations, and profile avatars. While private messages remained encrypted, the incident highlighted a critical flaw: public rooms on Matrix-based platforms are accessible to any authenticated user, meaning a single compromised account could harvest vast amounts of sensitive data without exploiting software vulnerabilities. Upon discovery, DINUM blocked the compromised account and launched an investigation with ANSSI. The agency also notified France’s data protection authority (CNIL) and issued a platform-wide alert to users, emphasizing the lack of encryption in public chat rooms. French officials have since maintained that the confidentiality of private messages was not compromised.
INCIDENT DETAILS -
TYPE
Data Breach
IMPACT
Data Compromised: 13.51 GB of sensitive internal data, including 643,459 messages, 876 discussion channels, 59,386 media files, and 90 instances of 'Diffusion Restreinte'Systems Affected: Tchap (matrix.agent.education.tchap.gouv.fr shard)Operational Impact: Platform-wide alert issued, compromised account blockedBrand Reputation Impact: Damage to trust in sovereign secure messaging platformIdentity Theft Risk: Exposure of full names, government email addresses, organizational affiliations
DATA BREACH
Type Of Data Compromised: Messages, media files, internal meeting links, device metadata, government communications, personally identifiable informationNumber Of Records Exposed: 643,459 messages, 59,386 media files, 73,467 accounts enumeratedSensitivity Of Data: High (includes 'Diffusion Restreinte' classified data)Data Exfiltration: 13.51 GB of data stolenData Encryption: Private messages remained encrypted; public chat rooms were unencryptedFile Types Exposed: Media files, messages, meeting linksPersonally Identifiable Information: Full names, government email addresses, organizational affiliations, profile avatars
MAY 2026
799Before Incident
Cyber Attack
15 May 2026FMAF
French government agencies: KGW News

Cyberattack Targets French Government Agencies via Compromised Software Update

790After Incident
CRITICAL-9
FRE1778920098
Cyberattack Targets French Government Agencies via Compromised Software Update A sophisticated cyberattack recently disrupted multiple French government agencies after attackers exploited a compromised software update. The incident, detected in early June 2024, involved malicious actors infiltrating the supply chain of a widely used administrative software provider, leading to the deployment of malware across several public-sector systems. The attack, attributed to an advanced persistent threat (APT) group with suspected ties to state-sponsored actors, leveraged a trojanized update to gain unauthorized access to sensitive networks. French cybersecurity authorities, including ANSSI (Agence Nationale de la Sécurité des Systèmes d’Information), responded by isolating affected systems and launching an investigation. While the full extent of the breach remains under assessment, initial reports indicate potential data exfiltration and operational disruptions. The incident underscores the growing risk of supply chain attacks, where trusted software vendors become unwitting vectors for cyber espionage. French officials have not disclosed the specific agencies impacted but confirmed that critical infrastructure was not directly targeted. The attack follows a pattern of similar campaigns observed in Europe over the past year, highlighting the need for heightened vigilance in software integrity verification.
INCIDENT DETAILS -
TYPE
Supply Chain Attack
MOTIVATION
Cyber espionage
IMPACT
Data Compromised: Potential data exfiltrationSystems Affected: Multiple public-sector systemsOperational Impact: Operational disruptions
DATA BREACH
Sensitivity Of Data: Sensitive networksData Exfiltration: Potential
APRIL 2026
799Before Incident
MARCH 2026
827Before Incident
Breach
13 Mar 2026FMAF
French Naval Group, Spanish Navy, Italian Navy, Ministry of the Armed Forces and Royal Netherlands Navy: Fitness App Security Breach Reveals French Aircraft Carrier Location

French Naval Group’s Location Exposed via Fitness App Data

798After Incident
CRITICAL-29
FREITASPANAV1774060009
French Naval Group’s Location Exposed via Fitness App Data in 2026 A security lapse involving a popular fitness app has revealed the precise location of France’s Charles de Gaulle aircraft carrier and its multinational naval group in the Eastern Mediterranean. According to a report by The Maritime Executive, a junior officer’s use of the app to log a run on the ship’s deck on March 13, 2026, exposed the group’s position approximately 100 kilometers off the Turkish coast near Cyprus through publicly accessible location data. The carrier group, repositioned under orders from the French President, includes the Charles de Gaulle (equipped with 20 fighter jets, two early warning aircraft, and three helicopters), three French frigates, a replenishment ship, and frigates from Italy, Spain, and the Netherlands. A French rear admiral had disclosed the group’s composition earlier that day at the Ministry of the Armed Forces. A French Navy spokesperson confirmed the app violated existing security protocols and stated that corrective measures would follow if the report was verified. This incident mirrors past breaches, including similar tracking of military personnel and bases since 2018, all linked to the same fitness app, which has 195 million users and defaults to public location sharing unless manually adjusted. The report also highlights broader concerns over fitness apps with foreign ownership, particularly in the U.S., where another widely used app faced restrictions for government and military personnel amid national security risks.
INCIDENT DETAILS -
TYPE
Data Exposure
IMPACT
Data Compromised: Location data of military assetsOperational Impact: Potential compromise of naval group's operational securityBrand Reputation Impact: Negative impact on French Navy's security protocols
DATA BREACH
Type Of Data Compromised: Geolocation dataSensitivity Of Data: High (military asset locations)
FEBRUARY 2026
827Before Incident
JANUARY 2026
827Before Incident
DECEMBER 2025
827Before Incident
Cyber Attack
11 Dec 2025FMAF
French Ministry of the Interior: France Arrests 22-Year-Old Suspect in Ministry of the Interior Cyberattack

French Interior Ministry Cyberattack

826After Incident
CRITICAL-1
FRE1766044507
French Authorities Arrest 22-Year-Old Suspect in Interior Ministry Cyberattack French authorities have arrested a 22-year-old man in connection with a cyberattack on the country’s Interior Ministry, which compromised internal email systems and sensitive files. The suspect, born in 2003, was taken into custody on December 17, 2025, following an investigation led by the cybercrime unit of the Paris prosecutor’s office. He faces charges of unauthorized access to a state-run automated data processing system, an offense punishable by up to 10 years in prison. The breach was detected between December 11 and 12, 2025, with attackers gaining access to document files, including criminal records. While French Interior Minister Laurent Nuñez confirmed the severity of the incident, he noted that the full extent of the compromise remains unclear, emphasizing that millions of records were not extracted—though he cautioned against underestimating the breach. The suspect has a prior conviction in 2025 for similar cyber offenses, though authorities have not disclosed further details about his identity or past cases. The investigation, conducted by France’s Office for Combating Cybercrime (OFAC), suggests the attack may have been carried out as part of an organized group. Following the breach, the Interior Ministry strengthened access controls and notified France’s data protection authority (CNIL). The attack’s origin remains undetermined, with possibilities ranging from foreign interference to cybercriminal activity or hacktivism. Online claims of responsibility emerged on an underground forum, with a post referencing retaliation for the 2025 arrests of five BreachForums moderators, including figures linked to the ShinyHunters hacking group. However, authorities have not confirmed a direct connection between the suspect and these claims. The investigation is ongoing, with further updates expected after the suspect’s 48-hour police custody period.
INCIDENT DETAILS -
TYPE
Unauthorized Access
MOTIVATION
RevengeDemonstration of CapabilityCybercrime
IMPACT
Data Compromised: Criminal records and document filesSystems Affected: Internal email serversOperational Impact: Strengthened access controls and security protocols implementedIdentity Theft Risk: High (due to criminal records exposure)
DATA BREACH
Criminal recordsDocument filesSensitivity Of Data: HighPersonally Identifiable Information: Yes
NOVEMBER 2025
827Before Incident
OCTOBER 2025
827Before Incident
SEPTEMBER 2025
827Before Incident
AUGUST 2025
827Before Incident
JANUARY 2022
827Before Incident
Cyber Attack
01 Jan 2022FMAF
Netherlands government, French rail infrastructure, German government, Slovakian government, Romanian government and Finnish government: EU, UK Hit Russia With Joint Cyber Sanctions

EU and UK Impose Sanctions on Russia Over Cyberattacks Targeting Europe

826After Incident
CRITICAL-1
GERMINGOVMOFMZVFRE1783946090
EU and UK Impose Sanctions on Russia Over Cyberattacks Targeting Europe The European Union and the United Kingdom announced coordinated sanctions on Monday against Russia, holding Moscow’s FSB intelligence agency responsible for a series of cyberattacks across Europe. The measures target nine individuals and four entities by the EU, while the UK added 24 names to its sanctions list, imposing asset freezes and visa bans. The sanctions mark the first joint cybersecurity action between the EU and UK, aimed at countering Russia’s efforts to disrupt European stability. Among those sanctioned are officers from Russia’s GRU military intelligence and cybercriminals allegedly collaborating with the state. A recent failed cyberattack on Poland’s critical infrastructure, including its power grid, was linked to the FSB’s Centre 16 unit. UK officials warned the attack could have left 500,000 people without electricity during winter. France’s foreign minister confirmed that Russian cyber operations have targeted government ministries, companies, and key services, including rail infrastructure, with some groups claiming responsibility for disruptions ahead of the Paris 2024 Olympics. The EU reported that France, Germany, Poland, Cyprus, the Netherlands, Austria, Slovakia, Romania, and Finland have been victims of these attacks over several years. Western intelligence agencies have long accused FSB’s Centre 16 of deploying malware for espionage and sabotage worldwide. The sanctions build on existing measures against Russia following its 2022 invasion of Ukraine, reinforcing Western efforts to curb Moscow’s cyber aggression.
INCIDENT DETAILS -
TYPE
cyberattackespionagesabotage
MOTIVATION
disruption of European stabilityespionagesabotage
IMPACT
power gridgovernment ministriesrail infrastructurecritical servicesOperational Impact: Potential disruption of electricity supply to 500,000 people; disruptions to rail infrastructure and key services

Frequently Asked Questions

?
What is the current A.I Rankiteo Cyber Score for FMAF ?
?
What was FMAF's A.I Rankiteo Cyber Score in June 2026 ?
?
What was FMAF's A.I Rankiteo Cyber Score in May 2026 ?
?
What was FMAF's A.I Rankiteo Cyber Score in April 2026 ?
?
What was FMAF's A.I Rankiteo Cyber Score in March 2026 ?
?
What was FMAF's A.I Rankiteo Cyber Score in February 2026 ?
?
What was FMAF's A.I Rankiteo Cyber Score in January 2026 ?
?
What was FMAF's A.I Rankiteo Cyber Score in December 2025 ?
?
What was FMAF's A.I Rankiteo Cyber Score in November 2025 ?
?
What was FMAF's A.I Rankiteo Cyber Score in October 2025 ?
?
What was FMAF's A.I Rankiteo Cyber Score in September 2025 ?
?
What was FMAF's A.I Rankiteo Cyber Score in August 2025 ?
?
What is the average per-incident point impact on FMAF's A.I Rankiteo Cyber Score over the past 12 months ?
?
Where can I access detailed records of all cyber incidents associated with FMAF ?
?
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ?
?
Where can I view FMAF's profile page on Rankiteo ?
?
How accurate is the A.I Rankiteo Risk Scoring methodology ?