French Ministry of Education Data Breach Exposes 243,000 Staff Records
Learn More
The French Ministry of National Education reports a data breach on March 15, 2026, involving the theft of records from its COMPAS information system.
This platform is primarily used for the administrative management of teacher trainees in primary and secondary schools across France. The ministry's Operational Center for Information Systems Security detected the incident after identifying that a substantial volume of personnel data had been leaked online.
Analysis indicates that a threat actor using the alias 'Hexdex' targeted the COMPAS database to steal sensitive employee information. The attacker then posted a sample of the stolen data on various cybercrime forums and resale websites.
The compromised data includes:
- Full names of trainees and permanent staff
- Home mailing addresses
- Personal and professional phone numbers
- Records of work absence periods
- Identity and professional contact details for internship tutors
The number of affected individuals is 243,000. The nature of the attack is not disclosed.
The ministry suspended external access to the COMPAS system and activated a dedicated crisis unit to assess the impact. The incident was reported to the French National Cybersecurity Agency and the Commission Nationale de l'Informatique et des Libertés for regulatory oversight. A formal criminal complaint was filed in Paris.
