La Banque Postale

La Banque Postale, headquartered in France, operates as the country's national provider of both postal and banking services. Its postal arm handles package tracking and the delivery of mail and parcels across the French territory. The banking arm offers a range of digital channels, including online platforms and mobile applications, as well as transactional systems for payments and account management. In addition to digital services, the organisation maintains a network of physical branches where customers can conduct in‑person transactions. A notable operational capability observed during a recent incident is the ability to shift banking approvals to text‑message‑based verification when online systems are unavailable. These combined functions position La Banque Postale as a dual‑service entity that serves the general public and businesses throughout France. The organisation’s role as a national postal and banking provider is underscored by its responsibility for maintaining critical communication and financial infrastructure.

On 22 December 2025, La Banque Postale experienced a suspected distributed denial‑of‑service (DDoS) attack that disrupted its online platforms, mobile applications and transactional systems. The outage interfered with package tracking, delayed deliveries and hindered online banking payments, while in‑person transaction services remained operational. To preserve continuity of banking approvals, the organisation temporarily relied on text‑messaging for customer verification during the incident. Investigations confirmed that customer data was not compromised in the attack. The disruption occurred amid a period of heightened cybersecurity attention in France, following several incidents that had targeted government entities, although no direct link was established between those events and the DDoS attack. French authorities launched an investigation into the source of the disruption, and service restoration efforts were undertaken, though no group immediately claimed responsibility for the attack. The episode highlighted the organisation’s reliance on digital channels and the importance of alternative verification methods in maintaining service resilience.