On Thursday, April 30, in the corridors of the National Agency for Secure Documents (ANTS), abstract discussions were not on the agenda. Following the mid-April cyberattack and the leak of personal data, Sébastien Lecornu announced the release of €200 million "next week" to bolster the government's resources against cyberattacks. The funding is allocated to the France 2030 program, though details on how the funds will be distributed have not yet been provided.
The head of government paints a rather alarming picture: since the beginning of 2026, attacks have multiplied, with "a huge number of cyber intrusions and data thefts," at a rate he estimates at around three data breaches per day. On paper, the money is supposed to be used to strengthen defenses. In reality, it's mainly about catching up on a glaring delay, that of a state still largely reliant on its procedures, but whose digital security is crumbling.
The government also wants to adopt a more proactive approach: computer tests will be launched to identify vulnerabilities before they are exploited. Lecornu has requested "crisis scenarios in the event of a digital blackout," with, underlying it all, a hypothesis rarely stated so clearly: a deprivation of digital tools caused by a foreign power. In other words, preparing for the day when it is discovered that the attack targets not only data but the very continuity of the state.
The State is strengthening its response, and reorganizing itself in the process
Regarding the organization, the message is clear: protecting government ministries would not fall under the purview of ANSSI, according to Lecornu. A reform plan calls for merging the Interministerial Directorate for Digital Affairs and the Interministerial Directorate for Public Transformation to create a "true digital authority of the State" reporting directly to the Prime Minister. This is a political choice as much as an administrative one: to centralize, shorten the chain of command, and demonstrate clear accountability when an incident occurs.
Another announcement, more technical but nonetheless significant: all fines issued by the CNIL (French Data Protection Authority) would be allocated to a fund for modernizing digital infrastructure. The symbolism is easy for taxpayers to grasp: the money from sanctions must be used to strengthen the system. However, this mechanism depends on the level of oversight and the amount of fines, therefore on stable regulatory pressure, and above all, on the government's ability to quickly translate funds into concrete solutions.
At the heart of this sequence of events, the ANTS (National Agency for Secure Documents) is still reeling from the shock. Targeted by a massive attack on April 15, the agency saw data leaked on nearly 12 million individuals and professionals, including information such as names, email addresses, and dates of birth. The portal was closed for just over 48 hours, according to Laurent Nuñez, before restarting with "some difficulties." A 15-year-old minor suspected of being the perpetrator was arrested, stated Paris prosecutor Laure Beccuau, highlighting a disturbing reality: in cyber warfare, the profile of the attacker doesn't always fit the stereotypical image of the hacker from another world, and the next attack could come sooner than expected.
Community
Comments
Comments are open, but protected against spam. Initial posts and comments containing links undergo manual review.
Be the first to comment on this article.