Cyber Incident Victim: Nouvelle-Aquitaine

On or around April 17, 2023, the municipal government of Morcenx-la-Nouvelle in France’s Nouvelle-Aquitaine region experienced a disruptive cyberattack targeting its IT infrastructure. The incident was detected by Monday, April 17, prompting immediate containment measures. Municipal officials isolated all affected systems, including those of the town hall, to prevent further spread of the attack. As a precaution, interconnected services operated by the Centre Intercommunal d’Action Sociale (CIAS), the local Community of Communes, and the Syndicat des Déchets de la Haute Lande (SEDHL) were also disconnected from shared networks. A technician from the municipality’s IT service provider arrived on-site by Tuesday, April 18, to conduct a forensic assessment aimed at identifying the attack’s entry point, evaluating potential data loss, and determining the operational impact on recent backups performed prior to the incident.

The attack caused significant service disruptions, rendering all municipal email systems inoperable indefinitely. To maintain public communications, temporary telephone lines were activated during standard business hours: 06 98 12 41 49 for general town hall inquiries, 06 69 52 40 92 for the Community of Communes and SEDHL, 06 69 53 01 24 for CIAS, and 06 76 84 02 26 for the tourist office. Physical access to municipal offices remained unaffected, and critical services such as passport and national ID card processing continued without interruption. Officials emphasized ongoing efforts to diagnose the attack’s full scope and confirmed plans to file a legal complaint. No evidence of data exfiltration or ransom demands was disclosed in initial public updates.