Rapid detection against an intrusion in the French Shooting Federation

On October 20, 2025, the French Shooting Federation (Fédération Française de Tir, FFTir) detected a cybersecurity incident affecting its ITAC information system. The intrusion reportedly occurred between October 18 and 20, but the organization did not release its official statement until several days later, when it confirmed the nature of the attack. This situation quickly raised concerns, given the size of the federation and the sensitivity of the data involved. 

The attack consisted of unauthorized access that allowed attackers to extract personal information from sport shooters, hunters, and individuals with firearms licenses registered with the FFTir. Potentially compromised data includes first names, last names, dates and cities of birth, and email addresses. The federation stated that no bank details or direct information on gun ownership is stored, so these would not have been affected. As a security measure, the servers involved were disconnected, an internal investigation was launched with the help of cybersecurity experts, and the incident was reported to the relevant authorities, including ANSSI and CNIL. In addition, users were advised to exercise extreme caution against possible fraud or phishing attempts.

While the FFTir strives to fully restore and secure its digital infrastructure, official bodies and experts continue to investigate the incident. Cybermalveillance.gouv.fr and other agencies have provided advice to those affected, emphasizing the importance of being alert to suspicious communications and the potential misuse of their information. The federation has indicated that, in the future, it will intensify its cybersecurity measures and collaborate with the authorities to fully clarify the attack, determine its final impact, and prevent the occurrence of a similar incident.