The Côte-d'Or department has faced significant challenges this week as it reported being the victim of a massive cyberattack, which authorities suspect might be "of Russian origin." The announcement came through the department's social media channels on Wednesday, March 12, 2025, as officials worked to restore normalcy following the incident.
Starting early on March 12, the department's website, cotedor.fr, experienced "severe disruptions". The administration explained via social media platforms the attack targeted several government administrations and aimed to block internal communications, severely hindering their operations. Despite the enormity of the breach, officials confirmed there had been no data leaks, alleviating some public concern about sensitive information exposure.
Information released by the department detailed how the attack had initially begun three days earlier, indicating it had been brewing before the March 12 announcement. While the scale of the invasion was alarming, the situation was reportedly returning to normal by the end of the day on March 12. A surge of activity on their website—estimated at 100 million requests per minute—was cited as the primary reason for the saturation, according to Comments by the department's president, François Sauvadet.
On Thursday, March 13, Sauvadet provided additional insights when speaking to local news outlet Ici Bourgogne. He reassured the public, stating, "Nous avons reçu 100 millions de sollicitations par minute sur notre site, ce qui a évidemment entraîné une saturation," which translates to, "We received 100 million requests per minute on our site, which obviously led to saturation." He then emphasized again—that the attack was not dangerous because no personal data, including information related to social benefits recipients, had been compromised.
The backdrop to this cyber assault sheds light on current geopolitical tensions. Sauvadet remarked, "Vous voyez bien les tensions qui ont émergé après les récentes déclarations du président de la République. Cela a cristallisé des tensions déjà très fortes avec la Russie et pourrait expliquer cette attaque," which means, "You can see the tensions arising after the recent statements of the President of the Republic. This has crystallized already very strong tensions with Russia and could explain this attack." His comments suggest the cyberattack may have been carefully timed to coincide with rising hostilities between France and Russia.
Such incidents of cyber invasions have been increasing over time. Between January 2022 and June 2023, the Agence nationale de la sécurité des systèmes d’information recorded 187 cyberattacks targeting local governments—hinting at the vulnerabilities within public digital infrastructure. While this event is significant, it serves as another reminder of the urgent need for heightened cybersecurity measures to protect governmental institutions from future threats.
Local authorities have since reassured the public of their commitment to resolving the disruptions efficiently. The cybersecurity team is working diligently to restore affected systems and to implement stronger defensive measures to prevent such overwhelming requests from crippling their services again.
The incident caught the attention of security analysts and local citizens alike, raising questions about the preparedness of local administrations to combat cybercriminal threats. The recent attack on Côte-d'Or prompts important discussions about the defense mechanisms put forth by various administrative bodies—what strategies can be implemented to protect sensitive data, and how can these services operate more securely?
Moving forward, it will be imperative for Côte-d'Or and similar jurisdictions to reassess their cybersecurity strategies and crisis management protocols to mitigate the impacts of future cyberattacks. The situation emphasizes the importance of vigilance and proactive measures to safeguard valuable digital infrastructures.
While authorities work to restore their operations, the Côte-d'Or department remains committed to transparency and openness, continuing to update residents on the status of the situation. This cyber incident serves as both “a wake-up call" for local governments and as part of the broader conversation on the significance of maintaining secure and resilient technological frameworks to withstand disruptive attacks.