Ransomware victim disclosure
← All victimsVille de Lille
Claimed by Royal · listed 3 years ago
Status timeline
- ListedMar 27, 2023
- Data leakeddate unknown
At a glance
- Group
- Royal
- Status
- Data leaked
- Country
- France
- Sector
- Government
- Listed on leak site
- Mar 27, 2023
About the victim
AI dossier — public-source company profileVille de Lille is the municipal government of Lille, the prefecture of the Nord department in northern France. It provides a broad range of public services to residents including civil status records, housing, public safety, urban planning, health, culture, and sport. Lille is a major French city with a population of approximately 230,000.
- Industry
- Municipal Government
- Address
- Place Augustin Laurent CS 30667, 59033 Lille Cedex, France
Attack summary
Severity: critical — Target is a municipal government handling PII of hundreds of thousands of residents, civil status records (births, marriages, deaths), social aid data, and other regulated personal data; data_published status confirms exfiltration and public exposure of sensitive government and citizen data.The Royal ransomware group claims to have attacked Ville de Lille and the disclosed status indicates data has been published. No ransom amount or specific data volume was stated in the post.
Data the group says was taken
AI dossier — extracted from the leak post- Municipal administrative records
- Civil status documents
- Resident personal data
- Public procurement documents
- Employee/HR records
- Urban planning documents
What the group claims
AddressPlace Augustin Laurent CS 30667 59033 Lille Cedex
Sources
Source
Indexed 3 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

