Cyber Incident Victim: Luxembourg City

On January 10, 2025, multiple Luxembourg government websites experienced a Distributed Denial-of-Service (DDoS) attack beginning at approximately 13:00 local time. The State Information Technology Centre (CTIE) confirmed the incident, which rendered critical online services—including MyGuichet and LuxTrust—inaccessible for approximately two hours. Attackers overwhelmed the target servers with automated requests, preventing legitimate user access. CTIE restored functionality by 15:00 but declined to disclose technical specifics or attribute responsibility, citing an ongoing investigation. This marked the third major cyber disruption targeting Luxembourg’s digital infrastructure within a year, following similar incidents in October 2024 and a prolonged attack during March-April 2024. No data breaches or system compromises were reported in the January event, though service interruptions disrupted public access to administrative and authentication platforms.

The spring 2024 attack referenced by CTIE involved a two-week disruption affecting high-profile entities including the Ministries of Finance and Justice, national statistics agency Statec, and health fund CNS. Pro-Russian hacker groups claimed responsibility via Telegram, framing it as a coordinated action with allied cyber collectives. Luxembourg’s government publicly rejected any connection between the attack and its geopolitical stance on Ukraine while withholding forensic conclusions about its origin. Cybersecurity firm Check Point documented an 82% year-over-year increase in attacks against organizations globally during Q3 2024, with financial institutions averaging 723 weekly attacks—contextualizing Luxembourg’s recurring vulnerabilities. CTIE’s January 2025 response mirrored its prior strategy: restoring services without confirming adversary identities or revealing mitigation tactics.