comscore
हिंदी
  • Home
  • News
  • French government database breach exposes 1.2 million bank accounts

French government database breach exposes 1.2 million bank accounts

A cyberattack on France’s FICOBA bank account registry exposed data linked to over 1.2 million accounts.

Published By: Shubham Arora | Published: Feb 27, 2026, 01:01 PM (IST)

hacking
  • whatsapp
  • twitter
  • facebook
  • whatsapp
  • twitter
  • facebook

French authorities have confirmed a cyberattack on a government database that lists bank accounts across the country. The breach affected more than 1.2 million accounts, according to statements from the French Ministry of Finance and the Directorate General of Public Finances (DGFiP) news Also Read: Installed these apps? They may have leaked your photos and personal data

The database involved is known as FICOBA, the national registry that records all bank accounts opened in French banking institutions. news Also Read: WhatsApp may soon let users add a password to their accounts

How the breach happened

As per the Ministry’s statement, the attack took place in January after login credentials belonging to a civil servant were stolen. The attacker reportedly used those credentials to access the FICOBA database by impersonating an authorized official involved in inter-ministerial data exchanges. news Also Read: How to Identify Online Scams in Seconds

Once inside, the attacker was able to view and extract data linked to around 1.2 million accounts. The exposed information includes bank account identifiers such as RIB and IBAN numbers, along with account holder names and postal addresses.

There has been some variation in early reporting regarding tax identification numbers. In its official communication, the Ministry stated that tax IDs were not accessed during the unauthorized intrusion.

What authorities have said

According to DGFiP, access to the system was restricted immediately after the breach was detected. The database was temporarily taken offline and later restored with added security measures.

The incident has been reported to the National Commission for Information Technology and Civil Liberties (CNIL), and a formal complaint has been filed. The Ministry also confirmed that it is working alongside the National Cybersecurity Agency of France (ANSSI) to strengthen system security.

Affected individuals are being notified directly. Banking institutions have also been informed in order to alert customers about possible fraud attempts.

Risk of follow-up scams

Security researchers have warned that exposed banking details could be misused in phishing or SEPA direct debit fraud campaigns. As noted by BleepingComputer, banks have already reported a rise in email and SMS messages attempting to exploit the situation.

French authorities have urged citizens not to respond to suspicious messages asking for banking details. The tax department said it will never request login credentials or bank card information via SMS or email.

Add Techlusive as a Preferred SourceAddTechlusiveasaPreferredSource

While the system is now operational again, the investigation into the breach remains ongoing.