Cyber Incident Victim: Bonjoursante
Date:
Oct 2019
Location:
Canada
Summary
A private Quebec medical appointment booking service experienced a cyber attack, prompting its president to temporarily shut down the website as a precautionary measure. The incident affected the commercial platform, which differentiates itself from the unaffected provincial government-operated physician access system. This disruption occurred amid unrelated cybersecurity incidents impacting other Canadian healthcare entities, though no operational details or data compromise specifics were disclosed regarding this particular attack. The organization took proactive containment steps while managing the situation.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
Bonjour-Santé, a private Quebec-based medical appointment booking service, experienced a cyber attack on Sunday, October 6, 2019. The company’s president, Benoît Brunel, publicly confirmed the incident while communicating from Spain, indicating the attack occurred during the morning hours. In response to the breach, the organization proactively chose to temporarily shut down its website as a precautionary containment measure. This disruption directly impacted the platform’s core functionality, which specialized in facilitating expedited medical appointments for users. The decision to take systems offline represented an immediate operational response aimed at isolating potential threats and preventing further unauthorized access. No technical specifics regarding the attack vector, such as malware type or data compromise, were disclosed in available reporting. The incident occurred against a backdrop of heightened cybersecurity concerns across Canadian healthcare entities but was not linked to contemporaneous attacks on other medical facilities.
The cyber attack exclusively targeted Bonjour-Santé’s infrastructure, with no collateral impact on Quebec’s government-operated Family Doctor Finder service (Guichet d’accès à un médecin de famille). This distinction clarified that the breach remained confined to the private booking platform rather than affecting provincial healthcare systems. The timing followed two separate ransomware incidents at rural Ontario hospitals earlier that week and coincided with an unrelated computer shutdown at McGill University Health Centre, though authorities confirmed no connection between these events. Brunel’s disclosure via TVA Nouvelles constituted the primary public acknowledgment of the incident, though no further details regarding investigation timelines, forensic findings, or service restoration were provided. The temporary website closure represented the sole confirmed mitigation action taken by the organization in the immediate aftermath of the attack.