• Data breach at French bank registry impacts 1.2 million accounts February 20, 2026 11:20 AM 0 The French Ministry of Finance has disclosed a cybersecurity incident that impacted data associated with 1.2 million user accounts. • The investigation discovered that hackers gained access to the national bank account registry (FICOBA) and stole a database containing sensitive information. • The Ministry’sannouncementnotes that in late January, a threat actor used credentials stolen from a civil servant with access to the interministerial information sharing platform. • The credentials gave the hacker access to part of a database that contained all bank accounts opened in French banking institutions and personal data: Bank account details, including RIBs/IBANs Account holder identity Physical address Taxpayer identification number (only in some cases) The Ministry states that it took immediate action to restrict the threat actor’s access to its systems immediately after detecting the incident. • However, it is believed that data of about 1.2 million accounts were already exposed to potential exfiltration. • FICOBA is a centralized state-managed registry of bank accounts in France, operated by the French tax authority, the Direction générale des Finances publiques (DGFiP).
Article Summaries:
- The French Ministry of Finance announced that a cyber‑attack on the national bank‑account registry, FICOBA, exposed data for 1.2 million accounts. Hackers accessed the database after using credentials stolen from a civil servant who had access to an inter‑ministerial information‑sharing platform. The compromised data included bank details (RIBs/IBANs), account holder identities, addresses, and in some cases taxpayer identification numbers. The Ministry acted quickly to block the intruder, but the breach likely allowed data exfiltration. FICOBA’s operations are disrupted; restoration work is underway with ANSSI and DGFiP, and affected users will be notified individually. The CNIL has been informed.
Sources: