Cyber Incident Victim: Fondation santé des étudiants de France

The cyberattack impacting the Fondation santé des étudiants de France (FSEF) network began disrupting operations by April 17, 2021, targeting at least 12 of its affiliated healthcare facilities. The Grésivaudan clinic in La Tronche, Isère, experienced a complete halt of computer systems starting April 17, forcing staff into operational paralysis. Clinic reception staff confirmed the severity, stating, “We are on a break, we can not do anything,” indicating critical IT infrastructure failure. Simultaneously, the Cadrans Solaires clinic in Vence, Alpes-Maritimes, faced identical disruptions, confirming the attack’s multi-site impact within the FSEF network. The FSEF publicly acknowledged the incident via Twitter on April 17, emphasizing that while organizational workflows were severely compromised, no immediate life-threatening risks to patients were identified. The foundation assured continuity of care across all 13 clinics under its management, though specific technical countermeasures were not detailed.

The attack’s primary consequence was widespread operational paralysis across the affected clinics, with computer systems rendered inoperable for an unspecified duration. FSEF’s tweet explicitly stated the complications were organizational rather than clinical, avoiding references to data theft, ransomware, or attacker identity. No patient data breaches or treatment interruptions were cited, with care continuity maintained through unspecified contingency protocols. The foundation did not disclose the attack vector, root cause, or full recovery timeline. Public communication was limited to the single April 17 tweet, which framed the incident as contained to operational disruptions without escalating patient safety concerns. The attack’s scope remained confined to FSEF clinics, with no reported spillover to external healthcare partners or broader infrastructure.