Search

French Education Ministry Says Cyberattack Exposed Student Data

Cyber threats and incidents
By John Kevin Hao

Related

Cyber threats and incidents

Ukraine Probes Teen Suspect in Cyber Theft Scheme Targeting California Online Shoppers

What happened Ukrainian authorities have identified an 18-year-old suspect from...
Read more
Cyber threats and incidents

OpenAI Urges macOS Users to Update After TanStack Supply Chain Attack Hits Signing Keys

What happened OpenAI has urged macOS users to update their...
Read more
Cyber threats and incidents

Foxconn Confirms Cyberattack Impacting North American Factories

What happened Foxconn, the world's largest contract electronics manufacturer, confirmed...
Read more
Cyber threats and incidents

Instructure Pays Ransom to Resolve Canvas Data Breach Affecting 275 Million Users

What happened Instructure has paid a ransom to ShinyHunters, the...
Read more
Cyber threats and incidents

ShinyHunters Defaces Canvas Login Portals at 330 Schools in Escalating Extortion Campaign

What happened ShinyHunters escalated its ongoing extortion campaign against Instructure...
Read more

Share

What happened

The French Education Ministry said a cyberattack exposed student data after attackers compromised an authorized staff member’s account at the end of 2025. The ministry said the breach gave unauthorized access to a student account management service linked to EduConnect. The affected service has since been suspended while the investigation continues to determine the full extent of the compromised data. The ministry also said it reset access codes for inactive accounts and implemented stronger security measures after discovering the incident. According to the ministry, accounts that had already been activated were not affected by the leak. The disclosure comes about a month after a separate data leak affecting around 243,000 Education Ministry employees, most of them teachers. 

Who is affected

The direct exposure affects students whose data was accessible through the compromised account management service linked to EduConnect. The ministry said activated accounts were not affected, which indicates the leak was limited to a specific subset of student-related accounts within the affected service. 

Why CISOs should care

This incident matters because it shows how compromise of a single authorized account can create access to a central education service holding student data. It also highlights the operational challenge of securing account-linked services in large public-sector environments, especially when a second ministry-related data leak has surfaced within a short period. 

3 practical actions

  1. Review account protection for education platforms: Reassess how privileged or authorized staff accounts are secured when they can reach student management systems and other sensitive education services. 
  2. Reset and segment exposed access paths: Use account resets and targeted service suspension quickly when a breach affects a specific application or account layer rather than the entire environment. 
  3. Track repeat incidents across the same institution: Treat closely timed disclosures involving different populations in the same ministry as a broader governance and monitoring signal, not just isolated events. 

For more news about incidents involving exposure of personal information, click Data Breach to read more.

IMG 0514 2
+ posts

John Kevin Hao is a news and feature writer covering cybersecurity, technology, and business targeted for professional audiences.

Previous article
Pro-Iranian Group Claims Cyberattack on L.A. Metro, Raises Concerns About Rail Control System Exposure
Next article
Microsoft and Salesforce Patch AI Agent Flaws That Could Leak Sensitive Data

Subscribe to our stories

To be updated with all the latest news, offers and special announcements.