Cyber Incident Victim: Centre Hospitalier de Mâcon

The Centre Hospitalier de Mâcon (CH Mâcon) experienced a cyberattack on the evening of May 27, 2022. The hospital’s IT department detected the incident and initiated immediate protective measures to contain the attack’s impact, successfully limiting damage to their systems. Following the initial response, CH Mâcon engaged two national cybersecurity agencies—the Agence nationale de sécurité des systèmes d’information (ANSSI) and the Centre d’appui à la gestion des cyber menaces en santé (CERTE Santé)—to conduct a forensic analysis of the breach and coordinate the full restoration of hospital information systems. Concurrently, the hospital filed a formal legal complaint regarding the attack. While internal hospital operations remained unaffected, allowing uninterrupted patient care, external email communications were completely disabled from the time of the attack onward.

The cyberattack disrupted all email exchanges between the hospital and external entities starting on May 27, with no confirmed restoration timeline provided in initial communications. Patients and partners were instructed to contact hospital departments via telephone or fax, with relevant numbers remaining accessible on the hospital’s website. Internal IT systems continued functioning normally, ensuring clinical operations, admissions, and patient care protocols proceeded without interruption. CH Mâcon committed to providing public updates as recovery efforts progressed but did not disclose technical details about the attack vector, threat actor, or data compromise in its initial statement. The coordinated response involving national cybersecurity authorities indicated adherence to France’s incident response protocols for critical healthcare infrastructure.