Excerpt from BleepingComputer Article, Published on July 28, 2025
France’s Naval Group, a leading state-owned defense contractor and warship builder, is currently investigating the alleged leak of 1TB of sensitive data following claims of a cyberattack. The threat actor, “Neferpitou,” initially released a sample of 13GB of data, reportedly containing classified combat management systems, technical documents for submarines and frigates, simulation data, and internal communications.
Despite these serious claims, Naval Group maintains that its IT systems have not been breached and that there is no impact on its operations. The company described the incident as a “destabilization attempt” and a “reputational attack,” emphasizing its commitment to protecting client data and national security. Naval Group mobilized cybersecurity experts, including its Computer Emergency Response Team and French authorities, to analyze and verify the authenticity and origin of the leaked data.
The leaked information surfaced on DarkForums, a dark web platform that has gained popularity after the collapse of BreachForums. There is speculation that some data might relate to a prior breach involving Thales Group, a shareholder in Naval Group, which experienced a ransomware attack in 2022.
Naval Group is among the primary suppliers of military naval vessels and systems to the French Navy and international clients including India, Australia, and Brazil. The ongoing investigation highlights the increasing cybersecurity risks faced by defense firms and underscores the need for advanced protective measures to safeguard sensitive military technologies.
To delve deeper into this topic, read the BleepingComputer article.
