Cyber Incident Victim: Ifag

The cyberattack targeting the Maison de l'entreprise in Auxerre began during the night of February 20 to 21, 2023, crippling the data systems of multiple educational institutions housed at the Monéteau Road facility. The attack paralyzed the entire IT infrastructure of the Ifag management school along with four affiliated entities: EPSI, ITII, IET, and pôle formation 58-89. Attackers employed file encryption techniques that rendered all systems inaccessible, effectively halting operations. Claude Vaucouloux, Director of Ifag, publicly confirmed the incident on the morning of February 23, characterizing it as part of an "international attack" allegedly compromising hundreds of thousands of systems simultaneously. The cyber intrusion remained active as of the evening of February 23, with no restoration timeline provided. Vaucouloux declined to specify operational consequences for the management school but emphasized the comprehensive nature of the compromise, stating "nothing remains accessible" due to the encryption-based assault.

Authorities mobilized multiple investigative units in response to the breach. The National Cybersecurity Agency (ANSSI), National Sub-Directorate for Cybercrime Combat (SDLC), and local police initiated parallel investigations, reflecting the incident's perceived severity. By February 23, jurisdictional oversight shifted from the Auxerre prosecutor's office to Paris authorities, indicating recognition of the attack's national scope. Sébastien Halm, Departmental Director of Public Security for Yonne, contextualized the response within broader protective measures for regional businesses, referencing prior police initiatives to catalog vulnerable entities and specialized agent training programs conducted during 2022. The coordinated law enforcement engagement underscored institutional concerns about cyber threats targeting small and medium enterprises, though specific forensic findings or attribution details remained undisclosed at the time of reporting.