Cyber Incident Victim: Conseil départemental des Hauts-de-Seine
Date:
May 2025
Location:
Cocos (Keeling) Islands
Summary
The Hauts‑Seine department suffered a cyberattack that cut its telecommunications and slowed administrative operations. Officials said all telecommunication means were shut down as a precaution while IT teams and service providers work to assess the impact, protect data, and restore network and application access. Nearby municipalities were alerted, and some surrounding towns have previously experienced ransomware attacks. The department posted a brief message on X confirming the attack and stating that full measures are being taken to evaluate the situation and resume normal services.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 2 techniques |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On May 20 2025, the Hauts-de-Seine departmental council experienced a cyberattack that disrupted its administrative operations. Officials reported that the administration was operating at a reduced pace due to a slowdown in the internal network. In response, the department’s IT staff, together with external service providers, initiated an assessment of the incident’s impact. As a precautionary measure, telecommunications services were temporarily suspended across the department’s territory. The mayor of Neuilly-sur-Seine, Jean-Christophe Fromantin, confirmed that all telecommunications means had been cut off to limit potential spread. The department’s official account on X (formerly Twitter) was used to announce the ongoing cyberattack and to note that response efforts were underway.
The department’s statement indicated that teams were working to evaluate the attack’s impact, safeguard the personal data of employees and residents, and restore access to internal systems and applications. No specific details about the attack vector or the data compromised were disclosed in the initial announcement. Historical context shows that the Hauts-de-Seine department had previously endured a network intrusion in 2023. Additionally, nearby communes such as Chaville and Saint-Cloud had experienced ransomware‑based cyberattacks during the preceding three years. The department’s current response includes mobilizing internal IT teams and external contractors to contain the incident and resume normal operations. The statement emphasized that restoring secure access to services remains a priority while the investigation continues.