A threat actor claims to have infiltrated the network of Resana, an interministerial collaborative platform for French government agents. The service, which operates under the resana.numerique.gouv.fr domain, is managed by the French Interministerial Directorate for Digital (DINUM).
Resana is a key part of the French “Digital Suite,” providing state employees with a secure, sovereign workspace for file sharing, co-editing, and project management, analogous to tools like Slack or Microsoft Teams.
The actor posted the claim on November 10, 2025, stating that the data stolen from the network was to be sold. The post specifically noted that the compromised information is “government data.”
According to the actor, the compromised data includes a range of personal and professional information:
- Full names
- Email addresses
- Personal phone numbers
- Work phone numbers
- Organization
- Publication
- Recommendations
- Status
- Date












