Cyber Incident Victim: Évreux Portes de Normandie

Date: Dec 2020

Location: France

Summary

The municipality of Évreux Portes de Normandie experienced a ransomware attack that prompted a system-wide lockdown to contain the threat, resulting in severely degraded phone and internet services. Operational disruptions affected routine administrative functions, including civil ceremonies like weddings, though no ransom demand was reported by officials during the incident response.

Description

In mid-December 2020, the City of Évreux and the Évreux Portes de Normandie agglomeration community in France experienced a disruptive ransomware attack. The intrusion occurred approximately one week prior to December 18, prompting an immediate system lockdown to contain the threat. Municipal authorities disabled network access to isolate the attacker, resulting in severely degraded telecommunications and internet services across administrative operations. This containment measure left municipal staff unable to perform routine digital functions, with critical infrastructure components remaining offline during the initial response phase. No ransom demand had been communicated to city officials by the time the incident became publicly reported. The coordinated cyberattack impacted both the city government and the broader intercommunal services managed through Évreux Portes de Normandie, though specific intrusion vectors and malware variants were not disclosed in available reports.

The sustained system lockdown created operational paralysis affecting essential public services. Municipal employees faced significant challenges conducting basic administrative tasks due to inoperable phone systems and restricted internet connectivity. Civil ceremonies requiring digital record-keeping, including weddings, required contingency planning as officials evaluated alternative processing methods. Physical municipal offices remained accessible to residents, though service capacity was substantially reduced without functional IT systems. Recovery efforts focused on forensic analysis and system restoration, with no confirmed timeline for full operational restoration at the time of reporting. The absence of a ransom demand distinguished this incident from typical ransomware operations, though authorities maintained defensive measures against potential follow-on attacks or data exfiltration attempts.
