On this case, it wasn’t the expertise that was at fault, however a consumer: The intruder gained entry to the system by taking on their account, in keeping with DINUM, the French authorities’s interministerial digital directorate.
DINUM mentioned it has blocked the affected consumer’s entry and is investigating how a lot info has been revealed. Whereas the system’s encryption was not damaged, the intruder would have been capable of view unencrypted public chat rooms accessible to the account taken over, doubtlessly affecting 73,467 of the system’s 825,000 customers, DINUM mentioned.
That matches no less than a part of a publish on X (previously Twitter) reporting the intruder’s declare to have accessed the account of a Tchap consumer within the schooling sector via social engineering, exposing 73,467 consumer accounts, 643,459 messages, 876 chat rooms with message historical past, and 59,386 media information totalling 13.51 GB, together with references to paperwork marked “Diffusion Restreinte” (restricted distribution).
DINUM mentioned that it had reminded all Tchap customers that public chat rooms are accessible to any consumer and will not be encrypted, so all members ought to chorus from any delicate or confidential info.
