-
A 22-year-old suspect reputed to be a computer hacker with the name “SSRQM” was apprehended near the city of Limoges following a significant cyberattack against the Interior Ministry of the French Government.
-
Exposed in the attack were sensitive police databases, including both the personal information of arrested persons and terrorism watchlists.
-
The suspect, having ties to past cybercrime offenses, could serve a sentence of up to ten years in jail if charged with the attack.
Melvin L, also known as “SSRQM,” was taken into custody at his mother’s residence on Wednesday afternoon and is believed to have played a key role in committing the attack against the French Government’s most secure and private databases.
Access to France’s Most Secret Files
Hackers managed to penetrate two critical police systems that should have been impenetrable. The first is the TAJ, or criminal records processing system. The database lists every citizen questioned as a suspect or victim in police cases, along with details of their offenses.
The second target was far more alarming. The FPR, or wanted persons file, contains information on individuals monitored by authorities or subject to arrest. This includes the infamous “S files”—people flagged as potential threats to the state.
The Interior Ministry revealed that attackers pulled out almost 100 files during the incident. Interior Minister Laurent Nuñez explained that the attackers allegedly accessed messaging services belonging to law enforcement members. From there, they recovered passwords through “clear” email exchanges—meaning unencrypted messages.
This revelation exposes either reckless behavior by officials or a serious security failure. Why did they share such sensitive credentials via standard email? The implications are deeply troubling, and they highlight a recurring pattern of sensitive French data being exposed, as seen in incidents like the Dutch firm Eurofiber’s data breach that exposed French customer data on the darknet.
But the attack method might be more sophisticated than it appears. Access to TAJ and FPR databases theoretically requires connection through Cheops, a secure portal dedicated to the Interior Ministry. Only approved police or gendarmerie devices can normally connect using a specialized network. Authorities do not consider a regular internet connection capable of this.
A group of bad actors, ShinyHunters, claimed to have a hand in the attack online. Investigators have not verified this claim yet. Authorities have not confirmed whether Melvin L. is part of this notorious team.
A History of Digital Mischief
Melvin L. remains in police custody at the Anti-Cybercrime Office of the judicial police in Nanterre. Authorities are investigating him for ‘attacking an automated processing system of personal data implemented by the State as part of an organized gang. So far, the suspect has remained silent.
At this stage, his lawyer, Julien Zanatta, declined to make any comment. The young man’s precise role remains unclear. Was he the direct perpetrator? An accomplice? An intermediary providing technical support?
What investigators do know is that Melvin L. has a track record. He’s already known for various cybercrime offenses and online scams, which helped authorities identify him quickly. His profile suggests investigators are leaning toward this being a challenge between immature young hackers rather than a foreign intelligence operation—a pattern seen in other major breaches, such as the recent arrest of a teen hacker in Spain for the alleged dark web sale of 64 million citizens’ data. Authorities haven’t ruled out the possibility that he carried out commissioned work for a hostile entity.
Authorities have currently indicted Melvin L. in a separate ‘swatting’ case—online hoaxes designed to trigger armed police responses. During investigations into cyberharassment targeting French influencer and anti-Islam activist Mila, authorities discovered he had created a technical device that enabled certain internet users to carry out such attacks.
Last April, he faced trial for involvement in a “SIM Swap” scam. This fraud involves hijacking people’s phone lines through fraudulent portability declarations. Hackers then bypass SMS authentication systems to access cryptocurrency accounts and trading platforms. In that case, a group of young hackers used this method to steal tens of thousands of euros from French victims.
Paris’s Brigade for the Fight against Cybercrime identified Melvin L. under the pseudonym ‘SSRQM,’ according to reports from the news site Les Jours. Allegedly created a Telegram bot that generated RIO numbers—codes necessary for requesting line portability from telecom operators.
He reportedly developed an ingenious mathematical calculation by cross-referencing phone numbers with operator contracts. He was convicted in that case, but he appealed the judgment and has never served jail time.
A self-taught computer genius, Melvin L. reportedly dropped out of high school near Limoges during the COVID-19 pandemic. He was once suspected of hacking that school’s computer system. Before turning to darker digital pursuits, he allegedly attempted legitimate online sneaker trading.
Considering his time in custody, an investigating judge specializing in cybercrime could order him to appear. If authorities charge him with this attack, SSRQM could face up to 10 years in prison.
