Cyber Incident Victim: Bain-de-Bretagne

The cyberattack targeting Bain-de-Bretagne, a municipality in Ille-et-Vilaine south of Rennes, occurred in late February 2025, immediately preceding the local school term resumption. Municipal authorities publicly disclosed the incident on February 24, 2025, through their official website, though the precise attack vector remained unspecified. Within one week of initial compromise, the attack caused extensive operational disruptions across municipal services, with Mayor Myriam Gohier confirming that nearly all systems remained non-functional during this period. Technical recovery efforts focused on the complete reinstallation of software across more than 100 affected workstations, a process requiring significant time due to the scale of impacted endpoints. While the municipality projected a return to normal operations by early March, the attack forced sustained manual workarounds for core administrative functions throughout the disruption window.

Investigative authorities reportedly explored potential Russian involvement in the attack's origination, though no attribution claims or technical evidence substantiating this theory were publicly confirmed. The incident's primary operational impact centered on paralyzing digital municipal services, though physical administrative operations continued through alternative procedures. No data exfiltration, ransomware notes, or financial motives were explicitly referenced in initial reports. Restoration priorities emphasized rebuilding compromised workstations rather than implementing immediate countermeasures against future threats. Municipal leadership maintained public updates regarding recovery timelines while refraining from detailing budgetary impacts or third-party forensic involvement in remediation efforts.