Cyber Incident Victim: Naval Group
Date:
Jul 2025
Location:
France
Summary
Naval Group, a French defense contractor, was targeted by a cyberattack that was claimed by an unknown actor, with allegations that confidential data were exfiltrated. According to cybersecurity expert Clément Domingo, the stolen material includes a top‑secret content management system for submarines and frigates complete with source code, technical classification documents, and developer virtual machines containing French navy simulators. The company has not confirmed the breach but has activated its CERT to investigate the incident. The company also warned that cybersecurity threats are increasing amid growing geopolitical tensions and a rise in systemic attacks.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On the night of July 22‑23 2025, a cyberattack against the French defense industrial company Naval Group was claimed. The claim asserted that confidential data had been exfiltrated from the company’s systems. Cybersecurity specialist Clément Domingo stated that the allegedly stolen material included a top‑secret command‑and‑control system (CMS) source code for submarines and frigates. Domingo also said that technical documents bearing classification markings were among the taken files. He further noted that virtual machines used by developers, which contain French navy simulators, were reportedly in the attacker’s possession. The described data set is characterized as sensitive and related to Naval Group’s submarine and frigate programs.
Naval Group has not publicly confirmed that the attack occurred. In response to the claim, the company activated its internal Computer Emergency Response Team (CERT) to investigate the incident. The CERT is conducting an analysis to determine whether a breach took place and what information, if any, was compromised. Naval Group emphasized that the incident highlights the growing cybersecurity challenges faced by defense contractors. The company pointed to increasing geopolitical tensions and a rise in systemic cyber attacks as factors driving the heightened threat landscape. Naval Group warned about the growing cybersecurity challenges posed by geopolitical tensions and increasing systemic attacks.