Tchap Archives

AppWizard

June 10, 2026

France’s Government Messaging App Tchap Got Breached

On June 7, 2026, Tchap, the French government's encrypted messaging platform for civil servants, experienced a significant breach detected by ANSSI. The breach resulted from a compromised user account and involved the education shard of Tchap, specifically targeting matrix.agent.education.tchap.gouv.fr. Approximately 650,000 messages, data from over 73,000 accounts, and about 13.5GB of documents and media files were allegedly scraped. The attacker also claimed to have discovered hardcoded LDAP credentials leaked through a PowerShell script shared by a regional director of the French tax authority. DINUM, the French Digital Affairs Directorate, stated that private conversations on Tchap are end-to-end encrypted and that the compromised account has been blocked. They notified CNIL about the potential exposure of personal data and reminded users to avoid sharing sensitive information in public chat rooms. The breach follows a mandate from Prime Minister François Bayrou in August 2025 requiring all civil servants to use Tchap, increasing its attractiveness as a target for cyber threats. The investigation into the breach is ongoing.

AppWizard

June 10, 2026

Tchap Breach: France’s State Messenger Compromised

On June 7, an unauthorized individual accessed a user account on the Tchap messaging platform, which is used by France's government. The Digital and Numérique Agency (DINUM) identified and blocked the compromised account, but the breach raised significant security concerns. The attacker claimed to have accessed about 14GB of documents and data from public Tchap rooms, including sensitive information such as hardcoded LDAP credentials, email addresses, meeting links, and organizational details. It was revealed that public chatrooms on Tchap do not use end-to-end encryption, making shared information accessible to anyone logged into the account. The incident has implications for the credibility of government-developed secure communication tools.

Winsage

April 10, 2026

French government says it is ditching Windows for Linux, here’s why

The French government is transitioning from Microsoft Windows to the open-source Linux operating system as part of a strategy to reclaim control over national data and reduce reliance on American software. This initiative, led by the Interministerial Directorate for Digital Affairs (DINUM), aims to ensure that France's data and infrastructure are not dictated by external entities. The government is conducting an audit of its digital infrastructure to find sovereign alternatives and has already confirmed its exit from Windows. The National Health Insurance Fund is migrating its 80,000 agents to tools developed on an interministerial digital platform, and the government plans to migrate its health data platform to a trusted domestic solution by the end of 2026.

AppWizard

September 2, 2025

France makes state-owned messaging app Tchap mandatory for public officials

The website www.aa.com.tr uses mandatory cookies that cannot be disabled. The types of cookies include: - Necessary Cookies: Distinguish between human users and bots for accurate website usage reports. - Functional Cookies: Remember user-selected language versions for personalized interaction. - Performance/Analytical Cookies: Collect statistical data on visitor engagement for service optimization, used by Google Analytics. - Advertising/Marketing Cookies: Gather consumer behavior insights for marketing refinement, relayed to Alexa Analytics.

AppWizard

September 2, 2025

France bans WhatsApp, Telegram for government workers, mandates state messaging app

The French government has prohibited all public sector employees from using messaging apps like WhatsApp and Telegram for professional purposes, effective from September 1. They must transition to Tchap, a secure messaging service developed by the state, which features end-to-end encryption and stores data on French government servers. Prime Minister Francois Bayrou issued this directive on July 25, citing security concerns over foreign intelligence connections associated with consumer messaging applications. Tchap requires users to register with authorized government email domains and is intended to ensure confidentiality and optimal security for professional exchanges. Previous initiatives included a mandate for the use of Olvid, another encrypted messaging service, which can still be used by ministerial offices but Tchap is encouraged for state communications. Tchap faced security challenges during its beta launch in 2019, which were addressed. Telegram has also faced scrutiny in France for failing to comply with legal requests regarding user information.