Among the long list of electoral interference attempts in recent years, one case is especially important to study: the 2017 French presidential election, because it failed. It failed in the sense that the result of the election did not coincide with the aim of the attackers. There was a coordinated attempt to undermine Emmanuel Macron’s candidacy, with a disinformation campaign consisting of rumors, fake news, and even forged documents; a hack targeting the computers of his campaign staff; and, finally, a leak—15 gigabytes (GB) of stolen data, including 21,075 emails, released on Friday, May 5, 2017—just two days before the second and final round of the presidential election. This leak was promoted on Twitter by an army of trolls and fake accounts (bots), with the hashtag #MacronLeaks appearing in almost half a million tweets in twenty-four hours, and so the attack is now remembered as “the Macron Leaks.” However, the leak itself was only the pinnacle of a coordinated operation that started months before, with a disinformation campaign and a hack. Therefore, we should rather speak of a “Macron Leaks” operation, which did not sway French voters and change the result. Winning 66.1 percent of the vote, Macron defeated Marine Le Pen, the far-right candidate. The aim of this report is to provide the most detailed single account to date of the “Macron Leaks” operation. With the benefit of hindsight, it explores what happened, who (likely) orchestrated the affair, how it was successfully countered, and what lessons can be learned. In conclusion, it will also explain what France has accomplished since then in order to fight information manipulation and what is yet to be done.
