Cyber Incident Victim: Conseil départemental du Loiret

The Département du Loiret experienced a cyberattack on November 4, 2023, with disruptive effects detected overnight into November 6. Initial technical impacts included the disruption of email services, restricted access to servers, and the unavailability of critical business applications. The department restored its helpline number promptly while other systems remained impaired. A crisis management unit was activated to coordinate the response, and Orange Cyberdéfense initiated a digital forensic investigation to determine the attack’s origin and scope. Early departmental communications on November 6 emphasized no evidence of data exfiltration had been identified at that stage, though operational disruptions persisted across multiple service channels.

On November 25, attackers published stolen files on a dark web portal, confirming earlier threats made by the perpetrators. The exfiltrated data originated from a file server directory containing historical records of the www.archives-loiret.fr website. Forensic analysis indicated the data had been extracted gradually, leaving minimal detectable traces. The department preemptively established a dedicated team to assess the sensitivity of compromised data and prepare targeted communications for potentially affected individuals. Investigations revealed no sensitive personal information in the initially leaked dataset, though the department maintained vigilance for potential future disclosures. Orange Cyberdéfense concluded its investigation after confirming the eradication of malicious agents from all servers, authorizing full reconstruction of the information systems. The incident aligns with broader trends reported by ANSSI, which documented an average of 10 monthly cyberattacks against French local governments between January 2022 and June 2023, with departments ranking as the second-most frequent targets after municipalities.