Single Stolen Government Credential Exposes 1.2 Million French Bank Records
scsecFebruary 21, 20262 Mins read 
A single set of stolen credentials has exposed more than 1.2 million French bank account records, after attackers gained access to France’s national banking database, known as Fichier des comptes bancaires (Ficoba).
The breach occurred when threat actors impersonated a government official who had authorized access to the database as part of an inter-ministerial information exchange. By using compromised login details, the attacker was able to consult a portion of the database starting in late January 2026.
Ficoba contains records of all bank accounts opened in France. The exposed data reportedly includes bank account numbers, names and addresses of account holders, IBANs, and in some cases tax identification numbers. Authorities stressed that the attackers did not gain access to account balances or transaction histories.
According to a statement from Ficoba, access restrictions were immediately implemented once the incident was detected. These measures were aimed at stopping the intrusion, limiting the volume of accessed and extracted data, and preventing further unauthorized activity. IT teams at France’s Public Finances Directorate are working with other government bodies to investigate the incident and reinforce security controls.
The breach has been reported to the French Data Protection Authority, Commission nationale de l’informatique et des libertés. France’s Public Finances chief told Agence France-Presse that affected individuals will be notified in the coming days.
While financial balances were not exposed, cybersecurity researchers warn the risks remain significant. Analysts at Cybernews noted that personally identifiable information (PII), such as names, addresses, and tax identification numbers, can be combined with other leaked data to craft convincing phishing campaigns. Attackers could impersonate banks or government agencies to trick victims into disclosing further information or making payments.
The inclusion of tax numbers increases the risk of fraud and identity theft, as these identifiers may be used across government platforms.
Ficoba has already warned that numerous scam attempts are circulating via email and SMS in the wake of the breach. Individuals are advised not to respond directly to suspicious messages. Instead, they should verify any communication by contacting their local tax office through the secure messaging system in their official online account or by phone.
Security experts have also raised concerns about internal access controls. Michael Jepson, penetration testing manager at CybaVerse, said it is troubling that a single individual’s credentials allowed unilateral access to such a large volume of sensitive data. He emphasized that modern cybersecurity best practice requires access to be based strictly on operational need, rather than seniority or position. Since senior officials are often prime targets for attackers, excessive privileges can significantly amplify risk.
The incident highlights the growing dangers of credential compromise and the importance of enforcing least-privilege access, stronger authentication controls, and continuous monitoring within government systems handling highly sensitive financial data.
- 1.2 million bank records
- banking data leak 2026
- CNIL investigation
- Ficoba breach
- financial data security
- France banking database hack
- France cybersecurity news
- French data breach
- government credential compromise
- IBAN data exposed
- identity theft risk
- national banking registry breach
- phishing scams France
- public sector cyber attack
- tax ID data leak
1 Comment
Leave a Reply
Related Articles
INTERPOL’s Operation Red Card 2.0 Nets 651 Arrests, Disrupts $45M African Cybercrime Networks
An international cybercrime crackdown led by INTERPOL has resulted in 651 arrests...
AI-Powered PromptSpy Android Malware Uses Gemini to Hijack Devices and Survive Reboots
Security researchers at ESET have uncovered what they describe as the first...
Fake Android Antivirus App TrustBastion Steals Banking Credentials and Sensitive Data
Fake Android Antivirus App TrustBastion Steals Banking Credentials A new Android malware...
Fake CAPTCHA Scam Deploys StealC Malware to Steal Passwords, Crypto, and Windows Data
Fake CAPTCHA Scam Tricks Windows Users Into Installing StealC Malware A new...
It’s alarming that a single compromised account was enough to expose over 1.2 million banking records. This incident clearly shows how critical strict access controls and multi-factor authentication are in protecting sensitive national databases. Hopefully, authorities will strengthen privilege management and monitoring to prevent similar breaches in the future.