Cyberattack Disrupts French Postal and Banking Services
On January 1, 2026, French postal and banking services experienced significant disruptions due to a cyberattack. Reports from French radio RFI indicated that both La Poste and La Banque Postale faced substantial accessibility issues with their websites and mobile applications. A notice on the La Poste homepage addressed the situation directly, stating, “The laposte.fr website and all of La Poste’s information systems are currently facing a cyberattack.” Consequently, many customers found themselves unable to access essential banking services through La Banque Postale.
A Pattern of Denial-of-Service Attacks
This incident marks the continuation of an ongoing challenge for La Poste, following a previous denial-of-service (DDoS) attack that occurred from December 22 to December 26, 2025. That earlier attack, aimed at overloading servers to hinder access, affected services such as parcel tracking. Fortunately, regular deliveries were not impacted. Authorities indicated that the hacker group NoName057(16), known for its pro-Russian affiliations, claimed responsibility for the December disruption. La Poste responded by filing a formal complaint, asserting that customer data remained secure since DDoS attacks do not involve unauthorized system access.
Investigation and Security Measures
Following the latest cyberattack, the Paris prosecutor’s office initiated an investigation, assigning the case to the General Directorate for Internal Security (DGSI) and the national cyber unit. The threats from NoName057(16) are notable, as the group has been linked to a variety of cyberattacks targeting Ukrainian media and government entities, as well as corporate websites in several European nations, including Poland and Sweden.
Operational Limitations Due to Cyber Incidents
Both incidents had a tangible impact on operations. Digital access to La Poste was limited during the attacks, requiring some physical post offices to adjust their operations accordingly. Despite these setbacks, customers retained the option to conduct basic postal and banking transactions at physical locations. La Poste announced via Twitter that its teams were “fully mobilized to restore services as quickly as possible” and assured users that parcel deliveries would continue amidst the disruptions. Likewise, La Banque Postale acknowledged the issue through social media, stating: “A computer incident has temporarily made our mobile app and online banking inaccessible. Our teams are working to resolve the situation as quickly as possible.”
Card payments at retail locations, ATM withdrawals, and SMS-authenticated online transactions remained unaffected, which helped mitigate the overall impact on daily financial activities.
Wider Context of Cyber Threats in France
The recent DDoS attack on La Poste coincides with a broader pattern of cyber incidents affecting public institutions in France. On December 17, 2025, a 22-year-old was arrested for allegedly breaching the Interior Ministry, gaining access to sensitive email accounts and documents—potentially facing a prison sentence of up to 10 years. Just a month earlier, in November 2025, the French Football Federation reported unauthorized access to its membership management software, resulting in the exposure of personal data for registered players nationwide.
While La Poste has yet to directly link this latest cyberattack to a particular group, these recurring incidents underline the increasing challenge of safeguarding vital public and financial infrastructure from such threats. The recent attacks on La Poste and La Banque Postale showcase just how vulnerable these essential services are to cyberattacks. Although customer data remained uncompromised, both organizations are focused on restoring complete digital services while cooperating with authorities including the DGSI for ongoing investigations. Customers are encouraged to stay updated through official communication channels regarding service accessibility.
