France Éducation international, the operator of the French Ministry of National Education responsible for organizing the DELF and DALF examinations, wishes to inform candidates and diploma holders that a cybersecurity incident targeted a computer platform used for the pedagogical and administrative management of these examinations between January 9 and January 12, 2026.
According to current investigations, a malicious actor compromised access accounts and consulted and extracted certain personal data. As soon as the incident was detected, immediate measures were taken to stop any further data exposure. Access to the affected platform was suspended as a precautionary measure, and in-depth technical investigations and analyses are ongoing.
This incident potentially concerns approximately 5.8 million DELF and DALF candidates and diploma holders who have been registered since 2005.
The data that may have been exposed is strictly limited to civil status information, including:
title,
last name,
first name,
birth name,
date, country, and city of birth,
nationality,
native language,
first examination center of registration.
Examination results and diplomas have not been affected by this incident. Furthermore, France Éducation international does not process any banking or financial data on its platform; therefore, no financial information could have been compromised, even if registration fees were paid online. No postal addresses, email addresses, or telephone numbers were exposed.
At this stage, the main identified risks are:
identity theft,
loss of control over compromised personal data,
phishing attempts, particularly if the stolen information is combined with data from other sources.
As a precautionary measure, France Éducation international recommends that individuals:
remain vigilant regarding unsolicited messages or calls requesting personal information,
never share identity documents without proper verification,
avoid clicking on links or attachments from uncertain sources,
be cautious of urgent requests claiming to be official.
The protection of personal data is a top priority for France Éducation international. Security measures are currently being strengthened. The incident has been formally reported to the relevant French authorities, including the National Commission on Informatics and Liberty (CNIL) and the National Cybersecurity Agency (ANSSI), and a criminal complaint has been filed. The affected platform will only be restored once sufficient security guarantees are in place to prevent any recurrence.
France Éducation international sincerely regrets this situation and remains fully mobilized to limit its impact. For further information or questions, individuals may contact the Data Protection Officer of France Éducation international. A dedicated FAQ is also available and will be updated regularly.
France Éducation international thanks you for your understanding.
