Lumila

Lumila operates under that alias and has its headquarters located in France. The organisation is identified as a subcontractor for the French national railway company SNCF. This relationship indicates that Lumila provides contracted services to SNCF, although the specific nature of those services is not detailed in the available sources.

On 3 February 2023, Lumila was the target of a ransomware attack that compromised a workstation at one of its sites. The attackers deployed ransomware and demanded an undisclosed ransom payment for the release of the affected system. The incident was reported publicly and drew attention due to Lumila’s ties to SNCF.

Following the attack, specialised cybercrime units launched an investigation into the breach. The full scope of the compromise, including any potential data exfiltration or lateral movement, remains unconfirmed in the sources. Likewise, the exact amount of the ransom demanded or whether any payment was made has not been disclosed.

SNCF issued a statement confirming that its own networks were not at risk as a result of the incident. The railway operator explained that its IT systems are isolated from those of its subcontractors, which prevented the ransomware from spreading to SNCF infrastructure. This separation was cited as a key factor in limiting the impact of the attack.

The episode serves as a reminder of the cybersecurity risks that can affect subcontractors linked to essential services. It underscores the importance of incident response coordination between private firms and specialised cybercrime authorities. No further details about Lumila’s broader operations or security posture are provided in the sources.