
Cyber Incident Victim: Grand Est

Date: Feb 2020

Location: France

Summary

A ransomware attack targeted the Grand Est region in northeastern France, paralyzing its entire computer network by corrupting 80 servers and encrypting all system data. The attackers issued a ransom demand, which the regional administration did not engage with, instead focusing on restoring operations. The incident severely compromised the IT infrastructure, disrupting services and impacting the local community during the response efforts.


Description

On February 13, 2020, the Grand Est region of northeastern France experienced a significant ransomware attack that paralyzed its computer infrastructure. The incident began in the evening when attackers successfully corrupted all 80 servers within the regional network. This resulted in the complete encryption of the region's system data, rendering critical operations inoperable. Following the encryption, the perpetrators issued a ransom demand to the regional administration. The Grand Est authorities did not comply with the ransom request and instead initiated efforts to restore their systems. By February 14, the full scope of the compromise became evident as the entire IT network remained non-functional, affecting governmental operations and public services across the territory.

The cyber attack caused widespread disruption to the region's administrative functions and community services due to the total network compromise. No specific details about operational impacts on hospitals, transportation, or other critical sectors were disclosed in available reports. Regional technicians worked systematically to recover encrypted data and rebuild corrupted servers without paying the extortion demand. The recovery process involved gradual restoration efforts rather than immediate full-system reactivation. Authorities did not publicly identify the ransomware variant used in the attack or disclose whether data exfiltration occurred alongside encryption. The incident highlighted vulnerabilities in regional government networks, though technical specifics about initial attack vectors or security shortcomings remained unconfirmed in source documentation.
