French carmaker Renault said Saturday that it had been hit by the wave of cyberattacks sweeping the globe, forcing it to shut down production at several sites to keep the virus from spreading. "We have been affected," a spokeswoman told AFP, saying they were assessing the situation to try to find a solution. "Work is going on since last night. We are doing what is needed to counter this attack." The attack prompted Renault to stop production at several sites in France, part of measures being taken to stop the virus from spreading. It did not identify the sites, but a union source said the factory at Sandouville in northern Normandy was one of the main sites affected. A spokesman at the site, whose 3,400 employees normally produce about 640 utility vehicles a day, confirmed it had been a victim of the cyberattack. "Production was affected overnight but luckily there was no full production scheduled for this weekend, only some 'stamping' operations," he said. Teams were working on the problem, and he estimated that work would resume on Monday morning. Another factory that was hit, at Douai, also in northern France, was not paralysed because operations were halted for the weekend, but teams were working to evaluate the extent of the breach, a plant official said. - 'Bad surprises - Car production was also halted in Slovenia after computers at the headquarters of Renault's Revoz subsidiary in Novo Mesto were affected, a spokeswoman told AFP. "We can confirm that on Friday, May 12, some problems occurred on certain parts of Revoz's information system that led to the halting of production during the night," the spokeswoman said. Production remained suspended Saturday, she added. Renault also said malfunctioning IT systems had led it to curtail activity at a plant operated by its Dacia subsidiary in Mioveni, Romania, requiring it send many employees home on Saturday. Renault is the first French company to confirm it has been affected by Friday's wave of cyberattacks, which apparently exploited a flaw exposed in documents leaked from the US National Security Agency. France's ANSSI digital security agency said that for the moment, it knew of no other French victims of the attack. But the agency's director, Guillaume Poupart, told AFP there were probably others who would discover breaches in the coming hours or days. "There's a fear that, on Monday morning especially, we'll have some bad surprises when people turn on their computers," he said.