The La Poste cyberattack disrupted France’s national postal service just days before Christmas, temporarily knocking key websites and mobile applications offline and slowing parcel deliveries during one of the busiest periods of the year.
La Poste confirmed that the incident was caused by a distributed denial-of-service (DDoS) attack, which impacted digital systems supporting postal operations. While the company stated there was no evidence that customer data had been compromised, it acknowledged that the cyberattack affected parcel distribution and access to online services.
The timing of the La Poste cyberattack raised concerns among customers expecting holiday deliveries. Social media users reported delays and uncertainty around parcel arrivals, while French media outlets noted that some people attempting to send or collect packages were turned away from post offices operating under limited capacity.
With Christmas being one of the most demanding periods for the postal network, even short-lived disruptions created visible operational challenges.
La Poste Cyberattack Linked to DDoS Incident
According to company, the La Poste cyberattack involved a DDoS attack that overwhelmed parts of its digital infrastructure. As a result, several online platforms became unavailable, and some post offices were forced to operate at reduced capacity.
Despite the disruption, customers were still able to carry out essential postal and banking transactions at physical counters. “Our teams are fully mobilised to restore services as quickly as possible,” La Poste said in its Twitter post, noting that remediation efforts were ongoing.
Cyberattack on La Poste Impacts La Banque Postale Services
The La Poste cyberattack also affected La Banque Postale, limiting customer access to online banking services and the bank’s mobile application. In a public statement shared on social media, the bank acknowledged the incident and assured customers that its teams were working to resolve the issue.
“A computer incident has temporarily unavailable access to our customers’ mobile app and online banking. Our teams are working to resolve the situation as quickly as possible. Online payments are possible with SMS authentication,” the bank said.
While digital access was disrupted, card payments at in-store terminals, ATM withdrawals, and SMS-authenticated online payments remained functional, reducing the impact on day-to-day financial transactions.
Recent Cyber Incidents in France
The La Poste cyberattack occurred against the backdrop of several recent cyber incidents in France involving major public institutions. Last week, France’s Interior Ministry disclosed a data breach that resulted in unauthorized access to internal email accounts and confidential documents.
On December 17, 2025, authorities arrested a 22-year-old man in connection with the Interior Ministry cyberattack after an investigation led by the Paris prosecutor’s cybercrime unit. The suspect faces charges including unauthorized access to a state-run automated personal data processing system, an offense that carries a potential prison sentence of up to 10 years.
Earlier, in November 2025, the French Football Federation confirmed a separate breach in which attackers used stolen credentials to access centralized membership management software. The incident exposed personal information belonging to licensed players registered through clubs nationwide.
At the time of writing, La Poste has not attributed the cyberattack to any specific threat actor, and the source of the disruption remains unknown. The Cyber Express Editorial team has contacted the company for further clarification, but no response has been received so far.
