France’s Economy Ministry has confirmed that a hacker accessed sensitive information linked to 1.2 million bank accounts, after exploiting stolen login credentials belonging to a

government official.

According to the French Economy Ministry, the intrusion involved unauthorized access to a national banking database that lists accounts held across French financial institutions. Authorities say affected customers will be formally notified in the coming days.

The incident was first reported by the French daily Le Monde, which cited a ministry statement explaining that the attacker used compromised official credentials from late January onward. This allowed the hacker to consult parts of a centralized file containing personal banking details, including account numbers, account holder names, postal addresses, and, in some cases, tax identification numbers.

Officials stressed that the breach did not provide access to account balances or transaction histories. The head of France’s public finances administration said safeguards prevented the extraction of funds or financial movements. Once the suspicious activity was detected, the ministry moved quickly to block the attacker and prevent any further access or data exfiltration.

A criminal complaint has been filed, and the incident has been reported to the CNIL, France’s data protection watchdog, as required under national and EU privacy regulations.

So far, authorities have not disclosed who may be behind the attack. Investigators have not ruled out any possibilities, and it remains unclear whether the breach was carried out by a cybercriminal group or a state-linked actor.

The disclosure comes amid a series of high-profile cyber incidents affecting French public institutions. In December, a major cyberattack disrupted digital services at La Poste, temporarily knocking parts of its information systems offline and affecting millions of users.

That outage followed a separate intrusion at the Interior Ministry, where attackers accessed internal email servers and potentially sensitive police documents. At the time, Interior Minister Laurent Nunez said the attack was detected overnight between December 11 and 12. While some files were accessed, officials have said there is still no confirmation that data was stolen.

Together, the incidents highlight growing concerns over the security of government IT systems and the risks posed by compromised credentials within public administrations. Photo by Arthur Weidmann, Wikimedia commons.