Ransomware gang leaks French government emails
Stormous hackers posted a dataset from French government agencies using outdated password hashes, raising
concerns over credential reuse and phishing risks.
A ransomware gang has published what it claims is sensitive data from multiple French organisations on a dark web forum.
The Stormous cartel, active since 2022, posted the dataset as a ‘comprehensive leak’ allegedly involving high-profile French government bodies.
However, researchers from Cybernews examined the information and found the data’s quality questionable, with outdated MD5 password hashes indicating it could be from older breaches.
Despite its age, the dataset could still be dangerous if reused credentials are involved. Threat actors may exploit the leaked emails for phishing campaigns by impersonating government agencies to extract more sensitive details.
Cybernews noted that even weak password hashes can eventually be cracked, especially when stronger security measures weren’t in place at the time of collection.
Among the affected organisations are Agence Française de Développement, the Paris Region’s Regional Health Agency, and the Court of Audit.
The number of exposed email addresses varies, with some institutions having only a handful leaked while others face hundreds. The French cybersecurity agency ANSSI has yet to comment.
Last year, France faced another massive exposure incident affecting 95 million citizen records, adding to concerns about ongoing cyber vulnerabilities.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!