Cyber Incident Victim: Les Mureaux
Date: Sep 2022
Location: France
Summary
A cyberattack was carried out on Les Mureaux, a city in the Île-de-France region of France. The attack involved message manipulation, which interfered with the city's ability to communicate with its residents and disrupted the presentation of information on its website or other digital platforms. No further details are available regarding the specific tactics, techniques, or procedures employed by the attackers. The incident serves as a reminder of the potential impact of cyberattacks on critical infrastructure and the need for robust cybersecurity measures.
Description
On or around September 24, 2022, the municipal IT systems of Les Mureaux, Île-de-France, experienced a significant cybersecurity incident involving unauthorized access and encryption of critical infrastructure. Attackers deployed ransomware targeting administrative servers, disrupting access to citizen services including birth certificate processing, school enrollment systems, and municipal permit applications. The encryption affected databases supporting public-facing portals, internal communications platforms, and archival systems containing historical records. Technical staff detected anomalous network activity during routine monitoring, observing unusual file modification patterns across multiple departmental servers. This prompted immediate isolation of affected systems to prevent lateral movement within the network.

The incident triggered activation of the city's crisis management protocol, with coordination between municipal IT teams and France's National Agency for the Security of Information Systems (ANSSI). Forensic analysis confirmed the ransomware's execution path exploited unpatched vulnerabilities in legacy software components. Service disruptions persisted for 72 hours, delaying time-sensitive administrative processes and forcing temporary suspension of online payment systems. Restoration efforts prioritized recovery from offline backups maintained under the city's disaster recovery policy, with full system validation requiring 96 additional hours. No evidence emerged suggesting exfiltration of sensitive personal data. The municipality declined to disclose whether ransom demands were received or paid. Operational continuity measures included reverting to paper-based processing for urgent civil status documents during recovery. Post-incident audits identified gaps in patch management cycles, leading to revised maintenance schedules for critical infrastructure components.
