French government messaging app Tchap hacked
The French government's secure messaging application, Tchap, was reportedly hacked in June 2026, leading to the potential exposure of user data. A threat actor operating under the username 'misere' claimed responsibility for the attack. French authorities have initiated an investigation into the breach, which may have compromised 650,000 messages and 73,000 accounts.
Signal context
First seen: Jun 18, 2026
Last updated: Jun 24, 2026
Status: Public signal
Key points
- Tchap, the French government's messaging app, was reportedly hacked.
- A threat actor named 'misere' claimed responsibility for the attack.
- The breach may have exposed 650,000 messages and 73,000 accounts.
Signal analysis
BetaThis analysis groups the signal by industry, likely incident action and impacted security area. It helps compare this signal with other published signals without treating the labels as final determinations.
Sector: Public Administration
Likely country: 🇫🇷 France
inferred from company domain
Watch internet-facing systems, credential abuse and exploit activity.
- Source type: outside the affected organization
Impact area: Confidentiality
- 2 signals in the same sector
- 36 signals with the same likely impact area
- 1 signal linked to this organization/domain
External sources
June 2026 Data Breaches: List Major Incidents & Latest Updates - SharkStrikerhttps://sharkstriker.com/blog/june-2026-data-breaches/Public source from sharkstriker.com.
AI-Driven Threats, Zero-Days, and Data Breaches Define This Week in Cybersecurity for June 2026 | eSecurity Planethttps://www.esecurityplanet.com/weekly-roundup/ai-driven-threats-zero-days-and-data-breaches-define-this-week-in-cybersecurity-for-june-2026/Public source from esecurityplanet.com.
Related signals
Grouped by why the signal is relevant.
France Titres (ANTS) Data Breach Exposes 11.7 Million Citizen Accounts
France Titres (Agence nationale des titres sécurisés - ANTS), the French government's identity document portal, detected a security breach on April 15, 2026. The incident exposed personal data from individual and professional accounts, including names, email addresses, dates of birth, postal addresses, phone numbers, login IDs, and unique account identifiers. A threat actor using 'breach3d' claimed responsibility and advertised up to 19 million records, with the agency confirming 11.7 million affected accounts.
LastPass confirms data breach in Klue supply chain attack
LastPass announced that hackers accessed customer data from its Salesforce environment after stealing the company's OAuth tokens in a supply chain attack targeting Klue, a third-party market intelligence platform. The unauthorized actor obtained OAuth tokens from Klue, which were then used to access LastPass customer data. Exposed information includes customer names, phone numbers, email addresses, physical addresses, support case information, and sales/CRM-related data. LastPass stated that its core products, services, and infrastructure, including customer vaults, were not affected by this incident. The Icarus extortion group claimed responsibility for the Klue attack.
Healthtech firm Xsolis suffers data breach impacting 1.4 million people
Healthcare technology company Xsolis disclosed a data breach affecting nearly 1.4 million individuals. The incident stemmed from a targeted phishing attack on January 20, 2026, which led to unauthorized access to a limited portion of the Xsolis environment. Attackers accessed files containing customer information, including names, addresses, dates of birth, health insurance information, Social Security numbers, and medical treatment information. Xsolis is a U.S.-based firm providing AI-powered software for healthcare organizations.
Paywall Bypass Vulnerability
Tweakers.net has identified a vulnerability that allows for the bypass of its paywall. This issue is listed as a 'Known issue' within their bug bounty program, indicating that the company is aware of the flaw and is seeking ethical hackers to report findings related to it. A successful bypass could allow unauthorized access to premium content.
Oracle Affected by FortiBleed Campaign
Oracle was identified as one of over 22,000 corporate domains affected by the FortiBleed campaign. A Russian-speaking criminal group compromised Fortinet firewall and VPN devices globally, exfiltrating credentials and potentially gaining full network access.
Nintendo confirms data stolen in WebMD subsidiary cyberattack
Nintendo of America confirmed that survey data was stolen from TinyPulse, a third-party service used internally for employee surveys. The company emphasized that its own systems were not compromised, and no personal customer or financial data was accessed. The data involved was limited to internal survey content from a small subset of employees, with most information dating back several years. The Shadowbyt3$ extortion group claimed responsibility, demanding a $2 million ransom.