Cyber Incident Victim: Ville de Gravelines

On April 25, 2024, the municipal administration of Gravelines, a commune in northern France, publicly confirmed it was experiencing an active cyberattack. The incident prompted immediate containment measures, including the precautionary disconnection of all municipal servers and the restriction of internet access across communal services. City officials stated the technical response began upon detection of the attack, though they emphasized it remained impossible to diagnose its origin or nature at that initial stage. Municipal operations faced disruptions, with some digital services becoming unavailable despite core functions like telephony remaining operational. The city hall and its departments maintained telephone accessibility for public inquiries, though specific online or server-dependent actions were temporarily suspended. No details regarding the initial attack vector, data compromise, or threat actor were disclosed in public communications.

The cyberattack impacted routine administrative functions, though the city did not specify which services or systems were most severely affected beyond the generalized server and internet restrictions. Municipal authorities utilized social media platforms, including an official Facebook post, to notify residents of the incident and the operational limitations. They committed to providing updates as the situation evolved but did not offer a projected timeline for full service restoration. The incident response appeared focused on isolation and stabilization, with no mention of ransom demands, data exfiltration, or secondary impacts on critical infrastructure. Gravelines’ public communications emphasized continuity of basic operations through alternative channels while forensic analysis and recovery efforts proceeded under restricted conditions. The city maintained this posture through the initial disclosure period without further elaboration on technical specifics or long-term consequences.