Cyber Incident Victim: Mairie de Val-de-Reuil
Date:
Sep 2024
Location:
France
Summary
A cyberattack targeted the municipal network of Val-de-Reuil, causing unusual technical anomalies that prompted an investigation supported by the national cybersecurity agency. No evidence of personal or confidential data leakage was identified. Precautionary measures included suspending internal phone and internet services for 24-48 hours, though critical phone lines for city departments remained operational with external provider assistance. Systems hosted externally—such as schools, daycare centers, and a theater—along with the independent video surveillance infrastructure, were unaffected. Restoration efforts prioritized phone line reactivation within days, with full internet access anticipated shortly thereafter. Residents were directed to the city’s website for communication during the disruption.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 0 motives | 0 techniques |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On September 5, 2024, the municipal government of Val-de-Reuil, France, detected unusual anomalies on its internal IT network, prompting an investigation that confirmed a cyberattack. The city announced the incident publicly the same day, attributing it to unidentified hackers but disclosing no specific technical details about the intrusion method or attacker identity. With assistance from France’s National Cybersecurity Agency (ANSSI), the municipality initiated forensic analyses to determine the attack’s origin, though the source remained undetermined at the time of reporting. Immediate operational impacts included the precautionary shutdown of all municipal internet and telephone lines for 24-48 hours, disrupting standard communications across city services. Critical exceptions included phone lines for the town hall, social services (CCAS), municipal police, sports department, Espages residence, and Noés daycare, which remained operational through alternate routing provided by telecommunications provider Orange. The city confirmed its external video surveillance system, operating on a separate network, also remained unaffected. Services hosted on third-party infrastructure—including schools, leisure centers, Pivollet daycare, family daycare services, and the Théâtre de l’Arsenal—experienced no disruptions. No evidence of data exfiltration or leakage of personal or confidential information was identified during the initial response phase.
Municipal technical teams worked continuously from September 5 through the weekend to restore systems, with telephone services beginning reactivation on September 6. Authorities projected full restoration of internet access by September 9 (Monday), contingent on ongoing remediation efforts. Residents were directed to use an online contact form on the city’s website (www.valdereuil.fr) for non-urgent communications during the outage. The city publicly acknowledged Orange’s regional division for maintaining critical phone services but did not disclose whether other external partners assisted in the recovery. No ransomware demands, financial impacts, or secondary disruptions to public safety operations were reported in available information. Restoration efforts focused exclusively on municipal networks, with no reported collateral effects on businesses or residents’ private infrastructure.