Cyber Incident Victim: Département de la Réunion
Date:
Nov 2024
Location:
France
Summary
A cyberattack targeted the IT systems of the Département in Saint-Denis, Réunion, prompting an immediate response from technical teams to contain the breach. Network connections were temporarily severed as a precaution, and a limited data leak was confirmed, though the perpetrators and motives remain unidentified. A crisis unit assessed impacts while police and data protection authorities were notified. Email services and several public platforms were disrupted, though departmental operations continued via phone contact. Officials emphasized ongoing efforts to restore systems, strengthen security, and provide public updates while urging vigilance.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 0 motives | 2 techniques |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On November 13, 2024, the IT systems of the Département of Réunion in Saint-Denis, France, experienced a cyberattack. The attack prompted immediate containment measures by the organization’s IT teams, who isolated the incident by temporarily disconnecting all external-facing networks to prevent further propagation. Initial assessments confirmed a limited data breach, though the scope and nature of the compromised information were not disclosed. The attack disrupted email services and rendered several public-facing platforms temporarily inaccessible to users, though departmental services remained operational via telephone communications. A crisis management unit was activated to evaluate impacts and coordinate restoration efforts, prioritizing the resumption of critical systems. Authorities initiated a police complaint and notified France’s data protection authority, the CNIL, in compliance with regulatory obligations.
The Département maintained public service continuity despite the disruption, with physical offices remaining open and staff continuing core operations. President Cyrille Melchior publicly acknowledged the incident, emphasizing ongoing efforts to investigate its full extent and strengthen system security while urging vigilance among stakeholders. Regular updates were pledged as restoration progressed, though no timeline for full recovery was provided. The attackers’ identity and motives remained undetermined at the time of reporting. No ransomware claims or explicit threats were cited in available communications. The Département reiterated its commitment to minimizing service interruptions and thanked users and partners for their cooperation during the incident response.