Cyberattack knocks France's postal service and its banking arm offline

France's national postal operator and its banking division suffered a suspected cyberattack on Monday, disrupting package deliveries and online payments during the peak Christmas period.

La Poste said in a statement that a distributed denial of service (DDoS) incident made its online services unavailable. The postal service said customer data remained secure but deliveries of packages and mail were affected.

At a Paris post office decorated with Christmas garlands, staff turned away customers queuing to send or collect parcels, including holiday gifts.

Users of the company's banking subsidiary, La Banque Postale, were unable to access the mobile application to authorise payments or carry out other banking transactions. The bank redirected payment approvals to text messages as a temporary measure.

"Our teams are mobilised to resolve the situation quickly," the bank said on social media.

No group immediately claimed responsibility for the attack.

La Poste has been targeted by cyberattacks before. In February 2024, the Turkish hacking group Turk Hack Team claimed responsibility for a DDoS attack that knocked the postal service's website offline for several hours.

The same services affected on Monday — Colissimo parcel tracking and the Digiposte digital vault — were already disrupted on Saturday, though La Poste did not immediately confirm whether that incident was also an attack.

Major incidents continue

The disruption came days after France's government said it suffered a cyberattack that affected the Interior Ministry, which oversees national security.

In that breach, a suspected hacker extracted several dozen sensitive documents and gained access to information on police records and wanted individuals, Interior Minister Laurent Nunez told broadcaster Franceinfo.

He attributed the incident to "imprudence" and poor "digital hygiene" within the ministry, including passwords shared in plain text via email.

A hacker claiming responsibility posted on breach forums alleging access to data on 16.4 million French citizens, though authorities disputed this figure, saying only dozens of files were confirmed stolen. French media reported a 22-year-old was detained in connection with the attack.

Last week, prosecutors said France's counterintelligence agency is investigating a suspected cyberattack conspiracy involving software that would have enabled remote control of computer systems on an international passenger ferry.

A Latvian crew member is being held on charges of acting for an unidentified foreign power, officials said.

The ferry investigation is being led by France's General Directorate for Internal Security (DGSI), the country's counterintelligence agency, indicating the seriousness of the suspected plot.

The malware discovered aboard the GNV Fantastic, which operates between France, Italy and North Africa, was a Remote Access Trojan (RAT) capable of remotely controlling the vessel's operating systems.

Nunez strongly hinted at Russian involvement, saying "foreign interference very often comes from same country," though no official attribution has been made. The ferry was temporarily sealed for security checks before being cleared to resume operations.

France and other European countries supporting Ukraine have accused Russia of conducting "hybrid warfare" against them through sabotage, assassinations, cyberattacks, disinformation and other hostile actions.