New Delhi: A major European defence company has found itself in the middle of a messy cyber incident. French military shipbuilder Naval Group, best known for its submarines and frigates, is now scrambling to deal with a data leak after hackers published 30 gigabytes of files online. As per a Financial Times report, the attackers claim this is just a small chunk of a much larger trove, reportedly up to 1 terabyte.
Naval Group, partly owned by the French government and defence firm Thales, builds high-end naval vessels not just for France, but for other countries too. The leaked data, if genuine, could have serious national security and diplomatic consequences.
Position de Naval Group / Naval Group Statement. pic.twitter.com/weUU4N7LM8
— Naval Group (@navalgroup) July 26, 2025
What exactly has been leaked?
The hackers say the files relate to Naval’s combat management systems, which control key functions of submarines and warships. These systems handle tasks like navigation, sonar tracking, targeting, and communication, all of which are sensitive for obvious reasons.
Naval Group said on Saturday evening, “All our teams and resources are currently mobilised to analyse and verify the authenticity, origins and ownership of the data as quickly as possible.” At the time of writing, no operational impact has been confirmed.
Why this matters
Let’s be real, a leak like this isn’t just a reputational mess. If true, it puts a spotlight on how fragile cybersecurity still is, even inside high-security defence contractors. Naval Group is the backbone of France’s naval defence industry. It’s also working on several international projects. A leak tied to its combat systems is a big deal.
The company called the attack “reputational” and stressed that no systems have been breached. Still, cyber experts say even the claim of access can have long-term consequences. The company hasn’t reached out to the hackers, sticking to its internal cybersecurity rules.
Hackers publish, don’t demand
Interestingly, no ransom demand has been made. Usually, in such leaks, attackers go public only after failed negotiations. But here, they directly dumped the data onto an online forum.
This could mean several things:
- The attackers may be politically motivated
- It could be a show of power, not profit
- Or maybe the ransom was demanded from someone else, not Naval
France on alert
The French Ministry of Defence has declined to comment so far. Naval Group has reported the matter to local legal authorities and is working closely with government agencies. Given that the company is majority-owned by the state, it’s likely that intelligence services are now involved.
No formal attribution has been made yet. But in this kind of case, fingers usually point toward state-backed actors, especially when the motive seems less financial and more disruptive.
The Thales angle
Naval Group is not entirely state-owned. Thales Group holds a 35 percent stake. Thales is a key player in the global defence electronics space, and any data loss at Naval could ripple into Thales’ systems or projects. That said, so far, there’s no indication Thales has been affected.
What happens next?
Naval Group says it is still verifying the data. That step is crucial. If the files are real, more action will follow, likely involving both legal and diplomatic steps. If the data is fake or old, it will still hurt, but the company might ride it out with less damage.