Cyber Incident Victim: Ville d'Aix-les-Bains
Date:
Mar 2022
Location:
France
Summary
A municipal administration in Auvergne-Rhône-Alpes experienced a cyberattack that paralyzed its website, employee workstations, and internet access, severely disrupting external communications and internal operations. Email systems were rendered non-functional except for limited internal messaging, notably impairing services like public communications and the live broadcast of council meetings, though the city's Facebook page remained operational. The incident occurred amid a series of similar attacks targeting neighboring municipalities in the Savoie region over recent months, including compromises affecting local governments and their associated communities. Technical teams were actively responding, but the perpetrators remained unidentified at the time of reporting.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
The cyberattack targeting the municipal systems of Aix-les-Bains, Savoie, commenced on March 22, 2022, disrupting critical digital infrastructure. The assault paralyzed the city's official website and rendered employee workstations inoperable, severing all external internet connectivity. Municipal staff lost the ability to send or receive external emails, though internal messaging systems remained functional. This communications breakdown particularly hampered departments requiring external coordination, such as communications services. The attack additionally prevented the scheduled live-streaming of that day's municipal council meeting across social media platforms, disrupting public transparency efforts. By March 25, three days post-incident, recovery efforts had partially restored the city's Facebook page operations while other systems remained compromised.
Aix-les-Bains' IT department actively managed the incident response, though investigators had not identified the perpetrators by March 25. This event continued an established pattern of cyber assaults targeting municipalities across the Savoie region. Previous incidents included an April 2021 attack on Bourg-Saint-Maurice, a late November 2021 breach affecting Annecy, and a December 2021 compromise impacting Saint-Jean-de-Maurienne alongside its entire community of communes. The prolonged disruption to Aix-les-Bains' digital services underscored the operational vulnerabilities of local government networks to coordinated cyber intrusions.