France’s largest defense shipbuilder, Naval Group, is facing a potentially severe cybersecurity incident following claims by threat actors who say they’ve compromised critical internal systems, including those tied to France’s military naval operations.
The hackers posted the alleged breach on a well-known data leak forum, asserting that they had accessed sensitive material such as the source code for combat management systems (CMS) used in French submarines and frigates. The attackers are not seeking to sell the stolen data but are reportedly trying to extort the defense contractor, threatening to leak classified information unless their demands are met.
Naval Group, headquartered in Paris and employing over 15,000 personnel, is a major supplier of military-grade naval solutions across Europe. With annual revenues exceeding $5 billion (€4.3 billion), the company is jointly owned by the French government and defense electronics giant Thales Group.
“We’ve reached out to Naval Group for comment and will update this report once a response is received.”
What the Hackers Claim to Have Stolen from Naval Group
According to the post shared by the cybercriminals, the following assets were allegedly accessed during the breach:
- Source code powering the CMS of submarines and frigates
- Internal network topology and related network data
- Technical documents labeled with varying levels of sensitivity
- Developer virtual machine environments
- Confidential internal communications
The attackers also included a 13GB data sample in their post as evidence. The Cybernews research team reviewed portions of this sample and concluded that it appears to contain legitimate Naval Group materials. Among the leaked files were multimedia assets, including video from what appears to be a submarine monitoring interface. However, that video was dated 2003, raising questions about the timeliness and potential operational relevance of some of the data.
Researchers also found excerpts of CMS data and contractual information related to defense systems—details that, if valid, could pose a serious national security risk to France and the wider European defense landscape.
National Security Implications if Breach Is Confirmed
The prospect of foreign or criminal actors gaining access to the core software running combat systems aboard active naval vessels is alarming. If validated, the exposure of CMS source code and restricted documentation would not only undermine Naval Group’s technological integrity but also force the French Ministry of Armed Forces to initiate costly remediation efforts, including system overhauls and operational audits.
While the actual damage and scope remain unverified, it’s worth noting that extortion-based attackers have a history of exaggerating the value and impact of stolen data to apply psychological and financial pressure on victims. Whether that’s the case here remains to be seen.
Naval Group’s Legacy and Role in European Defense
Founded in the 17th century, Naval Group—formerly known as DCN (Direction des Constructions Navales)—has long been central to France’s maritime defense strategy. The company was responsible for constructing France’s only nuclear-powered aircraft carrier, the Charles de Gaulle, underscoring its strategic importance to the country’s national defense capabilities.
A compromise of Naval Group’s digital infrastructure not only exposes sensitive operational data but also signals the growing cyber threat landscape targeting high-value military contractors across Europe. The outcome of this breach—if confirmed—could have long-term consequences for France’s defense posture and industrial cybersecurity policy.
