According to cybersecurity analysts and European media reports, France was the European country most affected by major cyber attacks and data leaks in the first month of 2026.
According to the Journal du Dimanche (JDD), more than 100 incidents of varying scale were recorded in the first four weeks of January, resulting in hackers stealing around 60 million lines of data. Up to 30 million citizens of the country were directly threatened with identity theft, fraud and privacy violations.
Among the most high-profile cases in January were:
The discovery of an open database containing 45 million records of French citizens (including electoral rolls, medical data, financial information, vehicle data and CRM systems). Cybernews researchers believe that this is an aggregated collection compiled from several previous leaks.
A large-scale attack on the national postal operator La Poste (a powerful DDoS attack in early January that disrupted postal and online banking services for several days).
A series of ransomware attacks and leaks in the telecommunications and industrial sectors, including incidents involving Orange, Peugeot Motorcycles (267 GB of data leaked) and other companies.
Experts attribute the surge in attacks to several factors: increased activity by ransomware groups at the beginning of the year, the use of France as a ‘testing ground’ for new techniques, and the accumulated volume of vulnerabilities in the public sector and critical infrastructure.
‘January 2026 showed that cybercrime has reached a new level of intensity and audacity. France, unfortunately, found itself at the epicentre of this wave,’ said a representative of one of Europe’s leading cyber threat monitoring companies.
According to preliminary estimates from specialised reports (including reviews by CM-Alliance and SharkStriker), France leads other Western European countries in terms of the number of major incidents recorded in January 2026.