Cyber Incident Victim: Maison de l'entreprise
Date:
Feb 2023
Location:
France
Summary
A cyberattack targeting an Auxerre-based organization housing multiple educational and training entities resulted in complete paralysis of its data systems through file encryption, rendering all information inaccessible. The incident, described as part of a broader international campaign affecting hundreds of thousands of systems simultaneously, prompted investigations by national cybersecurity agencies, specialized cybercrime units, and local law enforcement, with jurisdiction transferred to Paris authorities due to the attack's nationwide scale. Security officials noted prior efforts to train police personnel and identify vulnerable stakeholders following increased regional focus on protecting small businesses from such threats. Operations remained disrupted as response efforts continued.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On February 20-21, 2023, the Maison de l'entreprise in Auxerre experienced a cyberattack that paralyzed its entire data system. The attack began overnight between Monday, February 20 and Tuesday, February 21, with attackers encrypting files across the organization's network. Claude Vaucouloux, director of the Ifag business school housed within the facility, confirmed the incident on Thursday, February 23, stating all systems became completely inaccessible. The Maison de l'entreprise hosts multiple educational institutions including Ifag, Epsi, Itii, IET, and Pôle Formation 58-89, all of which were affected by the encryption attack. Vaucouloux described it as part of an international incident targeting hundreds of thousands of systems simultaneously, though he declined to specify operational impacts on the management school. By Thursday evening, the attack remained ongoing with no restoration timeline provided.
Authorities mobilized multiple response units, including France's National Cybersecurity Agency (ANSI) and the National Sub-Directorate for Combating Cybercrime (SDLC), alongside local police. The Auxerre public prosecutor's office transferred jurisdiction to Paris prosecutors due to the attack's national scale. Sébastien Halm, Departmental Director of Public Security for Yonne, emphasized police prioritization of SME protection against cyber threats, referencing a 2022 awareness campaign targeting local organizations. Police had trained specialized agents to handle such incidents prior to the attack. No ransom demands or data theft claims were disclosed in available reports, with investigators focusing on system recovery and forensic analysis while maintaining operational silence about potential perpetrators or motives.