Cyber Incident Victim: Société d'Economie Mixte Immobilière de Saintonge
Date:
Dec 2022
Location:
France
Summary
The organization experienced a malicious cyber incident involving fraudulent emails and identity theft attempts, targeting tenants with payment requests and phishing links. This attack significantly disrupted its information systems, causing operational dysfunction in its role as a social housing provider. The entity is actively working to bolster security measures and restore normal operations, while advising recipients to avoid engaging with suspicious communications and to report incidents through established channels.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 2 techniques |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On or around December 12, 2022, Société d'Economie Mixte Immobilière de Saintonge (SEMIS) publicly disclosed it had experienced a malicious cyber incident involving fraudulent emails and identity theft attempts targeting its tenants and stakeholders. The organization confirmed unauthorized actors were sending emails impersonating SEMIS to solicit rental payments and extract sensitive information. These phishing attempts instructed recipients to click embedded links or provide payment details under false pretenses. SEMIS explicitly warned tenants against engaging with these messages, emphasizing they should not respond, share information, or interact with any links. The incident caused significant operational disruption, degrading the performance of SEMIS's information systems and impairing its core activities as a social housing provider. While the exact duration of the disruption remains unspecified, SEMIS acknowledged the attack's ongoing impact at the time of its public statement, indicating sustained system instability affecting service delivery.
SEMIS implemented immediate response measures focused on tenant communication and incident reporting. The organization directed individuals to verify any suspicious communications through established channels by contacting their usual SEMIS representatives or forwarding phishing attempts to a dedicated email address ([email protected]). SEMIS maintained standard operational phone lines for tenant inquiries regarding rent, technical issues, and housing benefits, suggesting partial continuity of critical services despite system-wide performance issues. Internally, SEMIS prioritized security enhancements and system restoration efforts, committing to restoring normal operations swiftly. No technical specifics about the attack vector, data compromise, or forensic findings were disclosed. The incident directly impacted SEMIS's ability to function as a primary social housing provider in the Saintes agglomeration, affecting its management of nearly 3,900 residential and commercial properties across 80 municipalities in Charente-Maritime.