By connecting to e-campusthe online training platform of the National Policethousands of agents were unaware that their data had just been siphoned off. The General Directorate of the National Police has confirmed a hack that remained invisible almost a month before being detected.
According to an internal email relayed on social networks, more than 170,000 active, administrative and contractual police officers are concerned, i.e. the vast majority of e-campus users. An attack which targets an external service provider and which raises sensitive questions about the concrete risks for agents.
Cyberattack e-campus National Police: what do we know about hacking?
The e-campus platform, managed by an external company, was targeted on March 17 and 18, 2026. “Identification data of active, administrative and contractual police officers were consulted by a malicious actor. This data is not linked to police files,” specifies the General Directorate of the National Police cited by franceinfo.
The hack went unnoticed until mid-April, when cybersecurity expert Clement Domingoalias SaxX, relayed the alert email addressed to the police on X. “This data may seem trivial but it is not. By cross-referencing it with the millions of personal data already hacked, it exposes and puts in danger +170,000 police officers,” explains the researcher, who evokes a dissemination of information on the dark web.
Cyberattack National Police: what data from 170,000 police officers was leaked?
The compromised data remains essentially professional, but its volume is impressive. This concerns the surnames, first names, service email addresses, as well as the city, country and time zone entered in e-campus. Added to this are traces of use of the platform: dates of first and last connection, modules followed, badges obtained, portals consulted.
For attackers, this precise profiling is an ideal tool for carrying out phishing targeted, this technique which consists of sending very credible false emails in order to steal identifiers. By citing an actually completed module or a newly obtained badge, a fraudulent message imitating e-campus or the hierarchy could trap even experienced agents.
E-campus cyberattack: what are the risks now and what is the National Police doing?
As soon as the incident was detected, the police explained that they reacted without delay. “Immediate corrective measures were taken to contain the incident, secure access and assess the extent of the compromise,” assures the DGPNalways cited by franceinfo. Access to e-campus has been gradually restored, but the internal investigation continues to understand how the service provider could have been compromised.
Beyond the police case, this case reminds us of the fragility of public services and businesses when service providers manage sensitive platforms such as training tools. The agents concerned are asked to be extra vigilant in the face of unexpected emails, to systematically check the sender’s address, to report any suspicious attempts and to change passwords reused elsewhere.