The town of Betton (Ille-et-Vilaine), near Rennes, was the victim of a cyberattack by hackers who disseminated personal data in front of the refusal of the municipality to pay a "ransom", according to concordant sources. The "ransomware" attack was committed on the night of August 30 to 31 by a group called Medusa which had already targeted, two weeks earlier, the town of Sartrouville (Yvelines) by the same process.
The attack had encrypted "all data" of the computer system to make them inaccessible and also allowed hackers to subtract data, said the town hall of Betton (12,500 inhabitants) in a statement released Monday. The hackers demanded a ransom of $100,000, which the municipality refused to pay.
They carried out their threat over the weekend by disseminating on the "dark web" a lot of information about the citizens of Betton, according to a Rennes cybersecurity expert, the "ethical hacker" S.A.X.X. Among the data delivered to pasture include tax notices, rent receipts, "hundreds" of bank statements and bills but also information on children, details the expert on X (ex-Twitter). He considers it urgent "to alert the many inhabitants of Betton and more generally the Bretons who have worked for the city since 2019 at least.»
Work is currently being carried out by the services and our service providers to identify precisely the personal data that would appear in this exfiltration", which represents "about 2% of all data" stored in the computer system, writes the town hall of Betton in its press release. "We will contact the people more particularly concerned to accompany them and advise them in the procedure to follow," she adds.
It advises residents and users to "exercise caution" in the face of any suspicious email and invites them to change their email password. The town hall was able to restore its data "thanks to an efficient backup system" and its computer system is "in the recovery phase of activities".