On September 26, 2024, CDC Biodiversité, a French environmental organization, became the victim of a ransomware cyberattack that had significant operational consequences. The attack disrupted the company’s business activities, leading to the immediate activation of a crisis unit composed of the organization’s internal teams and cybersecurity experts. Their primary objective was to investigate the incident and take necessary actions to restore normal operations as quickly as possible. While the system was compromised, the company deployed resources that allowed the teams to continue working in a degraded mode.
As the investigation progressed, it became evident that the cyberattack had also led to a data leak. The leaked data was found to be exfiltrated to the internet, although the scope of the breach was limited to a defined perimeter. CDC Biodiversité has since prioritized the protection of the confidentiality, integrity, and availability of the affected data, especially regarding customers, suppliers, and employees. The organization is working with relevant stakeholders to address the consequences of the breach and mitigate further risks.
The company has implemented both technical and organizational measures to restore the normal functioning of its operations. Despite the challenges posed by the attack, CDC Biodiversité remains fully committed to ensuring the continuity of services for its customers and partners. The crisis unit continues to monitor the situation, with teams mobilized to handle the aftermath of the cyberattack and safeguard the organization’s assets and data.
In its communications, CDC Biodiversité expressed gratitude for the understanding and support of its customers, partners, and employees during this exceptional situation. The management has assured all parties that it will provide updates as the investigation progresses and normal operations are restored. The company is also committed to sharing any relevant information regarding the consequences of the attack and the steps taken to prevent further incidents.
Reference:
