Two alleged hackers, aged 22 and 15, were indicted, suspected of belonging to the “Dumpsec” group, targeting private or public actors, such as the National Assembly, the Paris prosecutor’s office said on Tuesday June 16.
Several tens of millions of data and more than 1,500 companies or entities (including, also, the DIY brand Leroy Merlin, various sports federations or medical sites, etc.) would have been in the sights of these hackers, the Anti-Cybercrime Office (OFAC) specified last week.
The two young people accused are being prosecuted for the offenses of attacks on an automated data system, explained the Paris prosecutor’s office. Seven people were arrested during the dismantling of this group specializing in the extraction and resale of sensitive computer data, OFAC announced last Thursday. The fate of the others arrested was not mentioned by the Paris prosecutor’s office.
Arrests throughout France
“These are young French hackers in search of notoriety and believing themselves to be out of reach,” presented Commissioner Julie Benoit, head of the cyber investigations unit at OFAC. The arrested are described as “minors or young adults”, “often self-taught” and “totally uninhibited”.
The various attacks had been claimed in the media and the data put up for sale on forums such as BreachForums. “We have a strategy that is clear: cross-check, identify, neutralize,” assured Commissioner Benoit.
The investigation, led by the Rennes branch of the Anti-Cybercrime Office, began in November 2025, following a computer attack targeting “a company based in Rennes”, the OFAC revealed last week.
The arrests took place throughout the territory with the mobilization of different branches of the Office, in Lille, Marseille, Strasbourg, Poitiers, Bordeaux and Limoges. During the searches, investigators seized several digital media, subject to analysis.
