French Defence Contractor Naval Group Hit by Alleged Data Leak
Naval Group, previously known as DCNS, is a major French company that builds warships and naval defense systems. The French government owns most of the company, while the rest is held by defense firm Thales Group. Naval Group supplies ships like submarines, frigates, and aircraft carriers to the French Navy and also exports to countries like India, Australia, Egypt, and Brazil.
On July 23, 2025, a hacker going by the name “Neferpitou” claimed to have stolen sensitive data from Naval Group. The hacker first released a 13 GB sample of the stolen files, which reportedly includes secret details about warship systems, technical manuals, virtual machines used for testing, and internal company messages.
The attacker warned the company to contact them within 72 hours to negotiate a ransom. When the deadline passed, they uploaded what they claimed was the full set of stolen files—around 1 terabyte—to a forum.
This forum, called DarkForums, has grown significantly since April 2025, after another major cybercrime forum called BreachForums was shut down. It has become a popular spot for cybercriminals to share stolen data.
Some believe this leaked data might not be new. Thales, which partly owns Naval Group, was targeted in a ransomware attack by the LockBit 3.0 group in 2022. It’s possible that some of the leaked information is from that earlier breach.
Also read: Concur CEO on advancing to the second round of MeitY’s ‘Code for Consent’ challenge