Cyber Incident Victim: WZC Sint-Camillus
Date: Oct 2022
Location: Belgium
Summary
A cyberattack targeted a Belgian nursing home, disrupting operational systems and potentially compromising sensitive resident data. The incident necessitated immediate containment measures, though specific threat actors remained unidentified. Recovery efforts focused on restoring critical care services while investigating potential data exposure impacts.
Description
On October 23, 2022, WZC Sint-Camillus, a residential care center in Wevelgem, Belgium, experienced a disruptive cybersecurity incident involving unauthorized access to its operational systems. The attack encrypted critical IT infrastructure, including patient management systems, administrative databases, and internal communication platforms, rendering them inaccessible to staff. This encryption event was consistent with ransomware tactics, though no specific threat actor group claimed responsibility during the initial phase. Facility personnel detected the intrusion when standard systems became unresponsive, followed by the appearance of ransom notes demanding payment for decryption keys. The incident immediately halted electronic health record access, appointment scheduling, and digital medication administration records, forcing staff to revert to paper-based processes for resident care documentation.

The organization initiated containment protocols by disconnecting affected servers and workstations from the network to prevent lateral movement of the malware. Management notified Belgium's Centre for Cybersecurity (CCB) and local law enforcement to coordinate forensic analysis and incident response. Recovery efforts prioritized restoring emergency care systems using isolated backups, though incomplete backup integrity prolonged service restoration timelines. Operational disruptions persisted for multiple weeks, delaying non-urgent medical procedures and external communications. Resident privacy concerns emerged when forensic investigators confirmed unauthorized exfiltration of personal data, including health records and identification documents. The facility issued public notifications regarding potential data exposure but did not disclose whether ransom negotiations occurred or whether data was published by threat actors. Full restoration of pre-incident operational capacity required months of infrastructure rebuilding and security upgrades.
