Cyber Incident Victim: Ville de Guingamp

In May 2022, the municipality of Guingamp experienced a cyberattack targeting two of its servers, resulting in data loss within its digital archives. The incident was disclosed by Mayor Philippe Le Goff, who confirmed the compromise occurred the previous month. The attack disrupted archival systems but did not cripple municipal operations entirely. Guingamp engaged two external cybersecurity firms—one based in Fougères (Ille-et-Vilaine) and another in Vannes (Morbihan)—to assist with recovery efforts. Through this collaboration, the city successfully restored all lost data. However, the restoration process necessitated approximately two months of manual data re-entry by municipal staff to fully reintegrate the recovered information into operational systems. The attack did not involve ransomware payment, as a suspicious email received by the municipality was initially classified as spam and deleted without further engagement.

The financial impact of the incident totaled €18,500, covering recovery services and associated operational expenses. To prevent future vulnerabilities, Guingamp migrated its systems from Windows 7 to Windows 10 following the attack, addressing outdated software that may have contributed to the breach. While data integrity was fully restored, the manual recovery workload required significant effort from administrative personnel over the subsequent two months. The municipality emphasized that no ransom demands were fulfilled and that critical public services remained functional throughout the incident. No additional technical details regarding the attack vector or threat actor were disclosed by officials.