Cyber Incident Victim: Public Social Action Center of Mouscron

On September 5, 2022, the Public Centre for Social Welfare (CPAS) of Mouscron, Belgium, experienced a debilitating cyberattack that paralyzed its entire IT infrastructure. The attack rendered all critical operational systems inaccessible, halting agenda management, electronic payment processing, and database retrieval for beneficiary records and nursing home resident files. This systemic failure severely disrupted service delivery, making case follow-ups impossible and forcing the organization into manual workarounds. The attack’s immediate aftermath left staff unable to perform routine functions, including scheduling appointments or accessing client histories. CPAS officials confirmed the incident stemmed from a deliberate hacking operation, though no ransom demand accompanied the compromise. Initial assessments indicated recovery would require a minimum of four days, extending operational disruptions through at least September 9.

In response, CPAS Mouscron activated contingency measures to manage client interactions, directing individuals with scheduled appointments to contact a dedicated phone line (056/390.450) to reschedule meetings for the following week. The center publicly acknowledged the cyberattack’s authorship by hackers but emphasized the absence of extortion attempts. No data theft or specific attacker identity was disclosed in initial communications. Service interruptions affected all CPAS-dependent facilities, including affiliated nursing homes, compounding risks for vulnerable populations reliant on timely social assistance. The organization focused on restoring basic functionality while operating under prolonged IT limitations, with no immediate resolution timeline provided beyond the initial four-day estimate.