15.04.2026 13:27
In a cyber attack targeting the French Ministry of Education, students' personal data was leaked. It was announced that the data, which includes names, schools, email addresses, and EduConnect login information, was obtained by accessing the system using authorized credentials. While the security vulnerability has been closed, the number of affected students is being investigated. Following the incident, a crisis unit was established, and a criminal complaint was filed.
The French Ministry of Education announced that it was subjected to a cyber attack and that some students' personal data was leaked. The incident has brought data security discussions back to the agenda in the country.
PERSONAL INFORMATION OBTAINED
In a statement by the Ministry, it was stated that as a result of the attack, students' names, surnames, school and class information, and email addresses were leaked. It was also stated that login information and passwords belonging to the EduConnect system were obtained.
AUTHORIZED IDENTITY WAS USED
It was reported that the attack occurred when a person accessed a student account management service connected to the EduConnect system in 2025 by misusing the identity of an authorized personnel.
SECURITY VULNERABILITY CLOSED
It was announced that the security vulnerability detected in December 2025 was fixed, and work is ongoing to determine the number of students whose data was leaked.
CRISIS DESK ESTABLISHED
The Ministry announced that it established a crisis desk after the attack and filed a criminal complaint regarding the incident.