Cyber Incident Victim: Marista Group

On or around March 13, 2022, the Marista Group's operational systems suffered a cyberattack that disrupted services across multiple healthcare and educational institutions under its management. The attack forced Hospital Cajuru, Marcelino Champagnat Hospital, and Pontifícia Universidade Católica do Paraná (PUCPR) to operate without functional IT systems for at least three days. Employees reported being effectively "blind" due to the sustained network and system outages, which rendered digital infrastructure inoperable. Public-facing websites displayed maintenance notifications instead of normal interfaces, indicating deliberate takedowns or system isolation. The prolonged disruption suggests attackers compromised critical backend systems rather than conducting superficial website defacements.

The Marista Group confirmed through official statements that patient care continued despite operational instability, with medical teams reverting to manual documentation processes. Staff maintained physical medical records for patient histories and medication administration, demonstrating established contingency protocols for critical care continuity. No evidence suggests treatment delays or compromised medication safety resulted from the attack. The organization did not disclose whether data theft occurred or identify specific threat actors, focusing communications on service continuity measures. System restoration timelines remained unspecified in available reports, though the three-day outage window indicates significant recovery challenges. The incident's scope impacted both healthcare delivery and academic operations at PUCPR, highlighting cross-sector vulnerabilities within the group's integrated infrastructure.