On the night of July 22-23, 2025, French defense contractor Naval Group became the target of a significant cyberattack claim, sending ripples through the nation’s security apparatus. A cybercriminal announced they had successfully breached the company’s systems, allegedly exfiltrating one terabyte (1 TB) of highly sensitive data. The potential breach at one of Europe’s leading naval defense firms represents a serious threat to French national security, prompting an immediate and high-level investigation.
The scope of the allegedly stolen data is extensive and deeply concerning, reportedly covering the period from 2019 to 2024.
According to cybersecurity specialist Clement Domingo, the compromised files include a “top secret CMS for submarines and frigates with source code and user guide,” as well as a vast trove of technical documents with various security classifications such as “Restricted distribution” and “Special France.” Furthermore, the hacker claims to possess developer virtual machines containing French navy simulators and records of confidential exchanges from internal messaging systems.
Adding a layer of urgency to the situation, the cybercriminal has issued a stark ultimatum to the French industrialist. Naval Group has been given a 72-hour window to establish contact before the attacker threatens to publish the entire cache of stolen data online. Such a leak could expose critical details about France’s naval capabilities, including the design and operational systems of its submarines and frigates, potentially compromising military operations and national defense secrets.
In response to the alarming claims, Naval Group’s communications department has adopted a cautious but serious posture. “We have indeed detected a potential cybersecurity incident that would involve us,” the company stated. “As we take any cyber alert very seriously and we have appropriate procedures, we immediately mobilized a team of experts in conjunction with state services.” While actively investigating the incident, the company affirmed that for the time being, it could “neither confirm nor deny this information.”
The situation remains tense as investigators work to verify the hacker’s claims and assess the extent of the potential damage. The outcome of this incident will be watched closely by governments and defense industries worldwide, as it underscores the persistent and evolving threat of cyber espionage against critical national infrastructure. Whether the threat is genuine or an elaborate bluff, the claim alone has forced a major defense entity and the French state to confront a worst-case security scenario.
Reference:
