France’s state-owned defense firm Naval Group is investigating a major cyberattack after 1TB of allegedly sensitive data was leaked on a well-known hacking forum. The company, which designs and builds naval vessels, described the incident as an attempt at destabilization and a reputational attack, not a confirmed breach. Naval Group quickly involved cybersecurity specialists and French authorities, launching a thorough investigation to verify the authenticity and origin of the leaked data.
The threat actor, going by the alias ‘Neferpitou’, initially posted a 13 GB data sample as proof and issued a 72-hour ultimatum to Naval Group for negotiations before publishing the full dataset. The leaked material reportedly contains classified information such as combat management systems for military vessels, technical documentation, and internal communications. Naval Group, however, asserts it has not detected any IT systems intrusion and operations remain unaffected.
Naval Group is France’s leading naval defense supplier, majority-owned by the state with a global footprint that includes exports to Australia, India, Brazil, and Egypt. The company is responsible for constructing and maintaining some of France’s most sensitive assets, including submarines and aircraft carriers. The breach, if genuine, could have significant implications for national security and international defense partnerships.
The data appeared on DarkForums, which has reportedly surged in popularity since the collapse of BreachForums, now acting as a central hub for cybercriminal activity. The incident has also sparked speculation that the leaked data might be recycled, possibly linked to a previous breach involving Thales, another key French defense player, in 2022.
Despite the hacker’s claims and the potentially catastrophic exposure of confidential systems, Naval Group maintains that current evidence points more toward a reputational attack rather than proof of direct compromise. Investigations are ongoing, with the company committed to collaborating with authorities to resolve outstanding questions around the legitimacy and impact of the data leak.
