Cyber Incident Victim: Réseau pédagogique neuchâtelois

On October 19, 2022, the Service informatique de l'entité neuchâteloise (SIEN) detected a targeted cyberattack against the email infrastructure of the Réseau pédagogique neuchâtelois (RPN), a pedagogical network serving educational institutions in Neuchâtel. The attack persisted into the evening of the same day, prompting SIEN to implement precautionary measures that included disabling all external internet access to RPN systems. This action rendered RPN's internet-dependent services temporarily unavailable for all users, though the exact technical nature of the attack and initial intrusion vector were not publicly disclosed. The disruption specifically impacted access to email systems and other online resources hosted within the RPN domain. No details were provided regarding potential data compromise or the identity of the threat actors.

In response, authorities established an operational task force comprising technical specialists from SIEN, the Office de l'informatique scolaire (OISO), and the Service informatique du secondaire 2 (SIS2), supported by external cybersecurity firms. This team focused on digital forensics to contain the incident's scope and evaluate systems for potential compromise. Internet access for the RPN domain remained suspended during the investigation, with restoration of external email access contingent upon further progress in mitigating the attack. The OISO and SIS2 were designated to communicate procedural updates to affected institutions as the situation evolved. The immediate operational impact centered on the loss of internet connectivity for RPN users, with recovery efforts prioritizing containment and system integrity assessments over premature service restoration.