Cyber Incident Victim: Centre Hospitalier du Gers
Date:
Aug 2025
Location:
France
Summary
The Centre hospitalier du Gers experienced a cyber incident that officials suspect may involve ransomware, prompting an ongoing investigation and daily coordination meetings within the facility. Despite the disruption, patient admissions and care have continued without interruption, and authorities have stated that no data appear to have been compromised at this stage. The event highlights the growing cybersecurity challenges faced by rural healthcare institutions.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On Wednesday 6 August, in the late morning, the Centre hospitalier du Gers experienced a computer incident that officials described as possibly linked to ransomware. The incident was identified when staff noticed disruptions to information systems that could block access, encrypt data, or extract information. Hospital authorities immediately characterized the event as a cyber incident and initiated internal checks to assess the scope. No patient care services were interrupted, and admissions continued as normal during the initial detection phase. The hospital’s IT team began monitoring affected equipment to determine whether any data had been altered or exfiltrated. Preliminary assessments indicated that no data appeared to have been compromised at that point.
Following the detection, the hospital’s direction established a daily monitoring cell to coordinate the response and track developments. The Centre hospitalier du Gers contacted the relevant state services to launch an investigation and to obtain assistance for remediation. Officials stated that the investigation was ongoing and that they were working to restore full system functionality as quickly as possible. Despite the incident, the hospital maintained that all medical admissions and patient care proceeded without interruption. No ransom demand was reported in the available statements, and no evidence of data leakage was found in the early review. The hospital emphasized that it remained in liaison with authorities to ensure appropriate handling of the cyber event.
The incident added to a growing concern about cyber threats facing rural healthcare facilities, a topic that had been highlighted earlier in the year. In April, a Conseil départemental de sécurité économique had organized a gathering of local actors to raise awareness about increasing digital risks and to improve information sharing. That prior initiative aimed to strengthen the resilience of the local economy, including health institutions, against cyber attacks. The hospital’s experience underscored the relevance of those earlier discussions and the need for continued vigilance. Officials indicated that lessons from the ongoing investigation would inform future preparedness measures for the establishment. The situation remained under active review, with updates expected as the inquiry progresses.