Cyber Incident Victim: SONADEV

On April 10, 2024, Saint-Nazaire agglomeration, the Ville de Saint-Nazaire, and SONADEV experienced a disruptive cyberattack that compromised their shared network infrastructure. Employees arriving for work that morning received immediate instructions not to power on computers or access email accounts via mobile devices, indicating a precautionary lockdown of IT systems. The attack impacted SONADEV, the agency responsible for territorial development in Saint-Nazaire, alongside the municipal and regional government networks. By early morning, crisis management protocols were activated as technical teams initiated diagnostic procedures to assess the intrusion's scope. Initial reports confirmed the attack affected multiple operational units, including municipal media libraries, though the full extent remained unverified during initial response efforts. Information technology departments prioritized network security reinforcement while working to determine the attack vector and potential data exposure.

The incident involved a crypto-virus resembling the 2021 attack against Angers, though attribution and precise malware characteristics remained undetermined. SONADEV confirmed its operational continuity measures, maintaining public access to physical offices and real estate listings via its unaffected website. Commercial operations continued via landline telephones at 02 40 22 96 90, while project management teams relied on smartphones for client communications. Despite these adaptations, full restoration of digital services faced indefinite delays, with recovery expected to occur incrementally. Personnel from all three entities remained mobilized to mitigate service disruptions, though the attack’s impact on personal data storage systems had not been conclusively evaluated. Diagnostic and containment activities persisted beyond the initial outbreak date, with no confirmed timeline for normalized operations.