France’s La Poste and La Banque Postale Crippled by “Unprecedented” Cyberattack
La Poste and La Banque Postale Hit by a Massive Cyberattack
Millions of users across France were cut off from key online services on Thursday, January 1, 2026, after La Poste and La Banque Postale suffered a massive distributed denial-of-service (DDoS) attack.
The disruption, which lasted nearly 14 hours, left customers unable to access their banking portals, transfer funds, or even track parcels — marking one of the largest cyber incidents to ever hit the French postal group.
What Happened?
According to La Poste, the attack began around 3:30 a.m. and progressively crippled core digital services throughout the morning. Systems were finally restored by late afternoon, around 5 p.m.
The following services were affected:
La Banque Postale’s online banking — users couldn’t log in or make transactions.
Colissimo parcel tracking — unavailable for both private and business customers.
Digiposte (digital document storage) — temporarily inaccessible.
Laposte.net email services — experienced long loading times and login errors.
This wasn’t an isolated event. The same networks were targeted just ten days earlier, during the busy Christmas period — a previous attack that lasted almost a week.
“An Unprecedented Scale” of Attack
La Poste described the January incident as being of “unprecedented scale”, reporting “billions of connection attempts per second” directed against its infrastructure.
Experts classify this as a DDoS attack, a method where attackers flood servers with traffic using networks of hijacked devices (often called botnets), overwhelming systems until they go offline.
The timing of the attack — during the holiday season when online transactions spike — highlights the growing sophistication and opportunism of hostile cyber groups.
READ ALSO: La Poste Hit by Another Major Cyberattack on New Year’s Day
Who’s Behind the Attacks?
Investigators have linked the attacks to NoName057(16), a pro-Russian hacker collective notorious for targeting Western countries supporting Ukraine.
Active since March 2022, this group has claimed responsibility for similar cyber offensives against institutions across Europe, including government websites, media outlets, and financial organisations.
According to the Paris Prosecutor’s Office, NoName057(16) has launched over 2,200 cyberattacks against more than 200 French entities in recent years.
Although European authorities, including Europol and Eurojust, announced a major operation codenamed “Eastwood” in mid-2025 intended to dismantle the group, the latest attacks suggest its networks may still be functional.
READ MORE: Massive Cyberattack Hits Mondial Relay: French Parcel Giant Confirms Data Breach Amid Holiday Chaos
Ongoing Investigation
La Poste has confirmed that a formal complaint has been filed and an investigation opened by the Paris prosecutor’s office, with support from the General Directorate for Internal Security (DGSI) and the French National Cyber Unit.
The company insists that no customer data was compromised, since DDoS attacks disrupt services but do not directly breach or steal information.
Meanwhile, physical mail delivery and parcel distribution continued as normal, reassuring millions of customers who rely daily on La Poste’s national network.
READ MORE: Banking Chaos Before Christmas: La Banque Postale and Other French Banks Hit by Second Major Outage in Three Days
France’s Growing Cybersecurity Challenge
France has faced a sharp rise in politically motivated cyberattacks over the past two years, especially against public institutions and banking infrastructure.
Cybersecurity experts warn that this surge mirrors broader geopolitical tensions, with state-linked hacker groups using DDoS campaigns to sow disruption rather than steal money.
In response, French authorities and businesses have ramped up investments in cyber defense systems, AI-driven traffic filtering tools, and international cooperation initiatives to detect and neutralise threats faster.
How This Affects You
If you’re a customer of La Poste or La Banque Postale:
Check service updates on official websites or social media before performing online transactions.
Enable two-factor authentication (2FA) wherever possible to strengthen your account security.
Stay alert to phishing messages — attackers often exploit public confusion during outages.
Follow cybersecurity best practices, such as updating passwords and software regularly.
The recent attacks serve as a powerful reminder that no organisation — not even national postal or banking systems — is immune to cyber disruption.
Enjoyed this? Get the week’s top France stories
One email every Sunday. Unsubscribe anytime.
