Tchap Breach and the Case for Digital Sovereignty
France’s government messaging platform Tchap, developed by the digital affairs directorate DINUM with cybersecurity agency ANSSI, has been compromised through a hijacked user account.
The breach was detected after attackers used social engineering to gain access rather than exploiting encryption flaws. The incident raised concerns because Tchap is the official communication tool for French public servants.
It is reported that the attacker accessed sensitive communications, potentially exposing hundreds of thousands of messages, user account data, and shared documents. French authorities, including the national data protection body CNIL, were notified and launched an investigation. Officials also warned users that public chat rooms are not fully encrypted and should not contain confidential information.
The compromised account was quickly blocked while forensic analysis continues.
This incident highlights the importance of digital sovereignty, especially for countries like South Africa, where government communications, citizen data, and critical infrastructure must remain protected from external control or compromise.
When states rely on foreign platforms or insufficiently secured systems, they increase exposure to espionage, data leaks, and manipulation. Strengthening local cybersecurity capacity, enforcing strict data governance, and ensuring secure sovereign communication systems are essential to protect national security and public trust in the long term and resilience building.