Merlevenez

Merlevenez is a commune situated in the Morbihan department of the Brittany region in northwestern France. As a local administrative entity, it is responsible for delivering a range of public services to its residents, including the maintenance of civil records, the organization of local elections, and the management of municipal infrastructure such as roads, schools, and communal facilities. The commune also oversees urban planning, issues building permits, and provides social assistance programs tailored to the needs of its population. In addition to these core functions, Merlevenez participates in regional development initiatives and collaborates with neighboring municipalities on shared services like waste collection and public transportation. Its administrative structure follows the standard French model, with an elected municipal council led by a mayor who represents the commune in dealings with higher levels of government. The day-to-day operations are carried out by municipal staff, including the director general of services, who coordinates the various departments and ensures the implementation of council decisions.

While the specific size of Merlevenez’s population or budget is not detailed in the available sources, the commune functions as a typical small‑to‑medium sized French municipality serving a predominantly rural or semi‑rural community. A distinguishing attribute of Merlevenez emerged in March 2025 when it became the target of a sophisticated cyberattack that highlighted vulnerabilities in its digital defenses. The incident began with a phishing email containing a malicious attachment that, once opened, installed spyware enabling attackers to monitor internal communications and harvest credentials, including those of the director general of services. Using the stolen identity, the perpetrators attempted to place fraudulent orders with major suppliers such as Bouygues and Lenovo, seeking to exceed 150,000 euros in value, and also tried to alter bank details on legitimate invoices to divert funds. The swift detection of suspicious activity by the targeted companies prevented the fraud from succeeding, and both the commune and its director general filed formal complaints for computer piracy and identity theft. This event underscores the growing cybersecurity challenges faced by local governments and serves as a notable case study in the importance of employee awareness and robust incident response procedures for municipal entities in France.