A wave of panic swept through the media and social networks due to the alleged cyberattack on the Family Allowance Fund (CAF). However, the real target was a platform of the Ministry of Sports, Youth, and Community Life. Here’s a look back at a confusion that took on unexpected proportions.
The 3 key facts not to miss
- The CAF was not hacked; it was a platform linked to the Ministry of Sports that fell victim to a cyberattack.
- The hacker group Dumpsec is behind the attack, having stolen 22 million records.
- The Ministry of Sports confirmed the intrusion and announced measures to contain the damage.
Media confusion around the CAF
For more than twenty-four hours, the information that the CAF had been hacked circulated continuously. This rumor was fueled by a French cybercriminal who claimed to be behind this exploit. However, it was actually a manipulation. The real target was a platform of the Ministry of Sports, associations.gouv.fr, dedicated to associations.
Clément Domingo, also known as SaxX, an ethical hacker, expressed his skepticism about this alleged attack on the CAF from the start. Today, it is confirmed that the CAF was never affected by this cyberattack.
The real hacking: a platform of the Ministry of Sports
The hacker group Dumpsec orchestrated the attack on the platform associations.gouv.fr on November 3, 2025. By posing as a legitimate association, they exploited a security flaw to extract 22 million records in a single night. This group, already known for its similar operations, even published details about their method, illustrating a sense of impunity.
The revelation of these facts comes six weeks after the initial attack, due to a quarrel between Dumpsec and a fabricator who falsely claimed responsibility for the attack, thus threatening their “business.” Dumpsec then decided to release evidence to claim their action.
Reaction of the Ministry of Sports and impact on citizens
The Ministry of Sports officially acknowledged the intrusion on December 19 and specified that the Pass Sport was indeed the target of the cybercriminals. A statement relayed by BFMTV mentions a “data exfiltration” and the implementation of measures to mitigate the consequences of the attack. A complaint will be filed, and the CNIL will be seized within 72 hours.
About 3.5 million households are affected by this massive data leak. The ministry is committed to quickly informing the affected individuals and providing them with “security recommendations.” Meanwhile, Dumpsec has already revealed its intention to monetize the stolen data, highlighting a new flaw in the security of digital public services.
The Dumpsec group: a known player in cyberattacks
Dumpsec is a notorious hacker group, accustomed to this type of operation. Their expertise in cybercrime has already manifested itself several times, with targeted attacks on various institutions. This latest attack on a government platform illustrates their ability to exploit security flaws with formidable efficiency.
Dumpsec’s method often relies on concealment and identity theft, posing as legitimate entities. Their transparency about their processes demonstrates their confidence in a system they perceive as vulnerable and unable to effectively pursue them.
