Tchap (French Government)

A threat actor using the handle "misere" claimed responsibility for breaching Tchap, the French government's secure messaging platform. Tchap was built by DINUM (France's digital affairs directorate) and ANSSI (France's cybersecurity agency) specifically to replace foreign messaging apps like Signal and WhatsApp for official government communications.

The attacker claimed to have exfiltrated 13.5 GB of data including 73,467 user accounts from French ministries, 643,459 messages, 876 chat rooms with full message history, and 59,386 shared media files.

Internal communications between French government officials. Chat rooms for ministry coordination. Shared documents and media files. Account information for personnel across French government agencies.

643,000 messages represents years of internal government discussion. Policy debates, coordination messages, attachments, media files—the daily operational communications of a major government. This is exactly the data Tchap was designed to protect from foreign intelligence services.

French government employees whose accounts and communications are exposed. Officials who discussed sensitive matters assuming they were using a secure, sovereign platform. The French government's credibility in mandating specific communication tools.

Beyond individual exposure, this breach provides intelligence value. Government communication patterns, organizational relationships, internal debates—all now potentially available to anyone who obtains the dump. The irony: France banned Signal and WhatsApp for government use in 2025 precisely to prevent this kind of exposure to foreign services.

France took the threat of foreign surveillance seriously. They built a sovereign messaging platform rather than relying on American tech companies. ANSSI—one of Europe's most capable cybersecurity agencies—was involved in the development. They mandated its use across government.

The decision to build in-house rather than use commercial solutions was a reasonable response to legitimate concerns about data sovereignty. But custom-built systems require ongoing security investment. The attack surface of a messaging platform is large, and the target value for adversaries is high.

Messaging platforms accumulate data by design. Chat histories grow. Media files pile up. Old conversations persist unless explicitly deleted. 643,000 messages represents substantial accumulation—years of communications that may have outlived their operational value but remained accessible.

The question for any secure communication platform: what's the retention policy? Do messages auto-delete? Are old chat rooms archived or maintained live? The larger the historical dataset, the larger the potential breach.

This is a national security incident. ANSSI will lead the investigation. The breach affects personnel across French ministries and agencies. Attribution matters both for accountability and for understanding whether this was opportunistic or targeted.

The political implications are significant. France mandated Tchap to protect government communications from foreign tech companies. A breach of the mandated platform raises questions about the underlying strategy—and whether personnel should have alternatives.