The Paris public prosecutor’s office is investigating Tchap’s cyberattack after referral to Ofac and complaint from Dinum, which limits the data consulted to public conversations.
The Paris prosecutor’s office has opened an investigation into the cyberattack targeting Tchap, an encrypted instant messaging service used by public officials, the public prosecutor said on Tuesday, requested by AFP. According to a press release from the Interministerial Digital Directorate (Dinum), the National Information Systems Security Agency (Anssi) detected on Sunday a compromise of the Tchap service following account theft.
Chronology and criminal procedure
The Anti-Cybercrime Office (Ofac) was contacted on Monday on suspicion of attacks on an automated data system, fraudulent possession and transmission of data contained “in an automated processing system of personal data implemented by the State”. Dinum filed a complaint the same day, denouncing the export of conversations resold on the darknet. The announcement of the opening of the investigation by the prosecution came on Tuesday.
Dinum specified that “even in the case of account theft, the history of private and encrypted conversations is not accessible” and that the exchanges likely to have been consulted are limited to the content of public conversations. The specialist site FrenchBreaches reported claims on the dark web according to which more than 643,000 messages from 73,000 agents in 876 chat rooms were exposed, without official confirmation from the authorities.
Generalized sovereign messaging by the end of 2025
Generalized in September 2025 for all public officials in order to reduce the risk of interception of their communications, Tchap was presented as a safer alternative to general public applications such as WhatsApp or Telegram. To stem the attack, Dinum indicates that the account originating the malicious requests was identified and immediately blocked in order to remove the attacker’s persistent access.
