Cyber Incident Victim: Université Paris-Saclay

On August 11, 2024, Université Paris-Saclay experienced a ransomware cyberattack that disrupted its digital infrastructure, rendering its official website inaccessible by the following Tuesday. The university confirmed the incident via a social media post on platform X, identifying the attack methodology as ransomware—malware designed to encrypt systems and demand payment for decryption. A crisis management unit was activated following the breach, though the institution provided no immediate details regarding operational disruptions, data compromise, or ransom demands. The National Agency for the Security of Information Systems (ANSSI) was engaged to assist with incident response, though neither ANSSI nor university representatives responded to media inquiries from AFP and Tech&Co seeking clarification on the attack’s scope or remediation progress.

The incident occurred at a prominent academic institution ranked 15th globally in the 2023 Shanghai Ranking and positioned as continental Europe’s highest-ranked university. Its 2024 ranking was scheduled for release days after the attack. Established in 2020, Paris-Saclay operates a large campus south of Paris and attracts significant international enrollment. This breach followed another high-profile ransomware attack one week prior targeting the Grand Palais—a Paris Olympics venue—and approximately 40 French museums. In that incident, attackers compromised financial data systems, issued ransom demands, and threatened to publish encrypted data, though no confirmed link between the two attacks was disclosed. The university’s public communications remained limited to acknowledging the ransomware event and crisis cell activation without elaborating on technical impacts, recovery timelines, or investigative findings.