Incident Score: Analysis & Impact (DIRIFIFRE1781260189)

In this Rankiteo incident briefing, we review the The French Institute in India breach identified under incident ID DIRIFIFRE1781260189.

The analysis begins with a detailed overview of The French Institute in India's information like the linkedin page: https://www.linkedin.com/company/ifiofficiel, the number of followers: 25332, the industry type: Government Administration and the number of employees: 55 employees

After the initial compromise, the video explains how Rankiteo's incident engine converts technical details into a normalized incident score. The incident score before the incident was 759 and after the incident was 651 with a difference of -108 which is could be a good indicator of the severity and impact of the incident.

In the next step of the video, we will analyze in more details the incident and the impact it had on The French Institute in India and their customers.

On 07 June 2026, French Government (DINUM - Interministerial Directorate for Digital Affairs) disclosed Data Breach issues under the banner "French Government’s Secure Messaging Platform Tchap Breached, 13.51 GB of Data Exfiltrated".

A threat actor operating under the alias *misere* compromised Tchap, the encrypted messaging platform used by the French government, allegedly stealing 13.51 GB of sensitive internal data.

The disruption is felt across the environment, affecting Tchap (matrix.agent.education.tchap.gouv.fr shard), and exposing 13.51 GB of sensitive internal data, including 643,459 messages, 876 discussion channels, 59,386 media files, and 90 instances of 'Diffusion Restreinte', with nearly 643,459 messages, 59,386 media files, 73,467 accounts enumerated records at risk.

In response, teams activated the incident response plan, moved swiftly to contain the threat with measures like Compromised account blocked, and began remediation that includes Investigation launched with ANSSI, platform-wide alert issued, and stakeholders are being briefed through Notification to CNIL, alert to users about unencrypted public chat rooms.

The case underscores how Ongoing, teams are taking away lessons such as Critical flaw in public room accessibility on Matrix-based platforms; need for shard isolation and encryption in public chat rooms, and recommending next steps like Implement shard isolation, enforce encryption for public chat rooms, enhance user authentication and monitoring, with advisories going out to stakeholders covering Platform-wide alert to users about unencrypted public chat rooms.

Finally, we try to match the incident with the MITRE ATT&CK framework to see if there is any correlation between the incident and the MITRE ATT&CK framework.

The MITRE ATT&CK framework is a knowledge base of techniques and sub-techniques that are used to describe the tactics and procedures of cyber adversaries. It is a powerful tool for understanding the threat landscape and for developing effective defense strategies.