Menu
Browse
Date:

Jan 2024

Location:

France

Summary

A French hospital experienced a cyberattack involving a high-volume traffic surge targeting its servers, causing temporary disruption to its website, online appointment systems, and internal and external email communications. The attack prompted the institution to disconnect its internet access to protect infrastructure and data, with services partially restored over the following days. While operational impacts included blocked appointment confirmations and delayed communications, the organization confirmed no internal system intrusions or data compromises occurred. Full service normalization was anticipated within one to two days, with patients advised to verify appointments through an external platform during the recovery period.

CIA Posture Motives Tactics, Techniques & Procedures
Available to members 1 motive 1 technique
Threat Actors Type Location
0 actors Available to members Available to members

Description

The cyber incident targeting CHU de Nantes began during the night of Sunday, January 14, 2024, and continued into Monday, January 15. The attack disrupted the hospital’s online appointment system and website functionality, prompting an official announcement via the CHU’s Facebook page approximately 23 hours before the article’s publication. Internal communications were severely impacted, with staff unable to send or receive emails internally or externally as of Monday afternoon. Hospital personnel were formally notified of the cyberattack during this timeframe, though the exact detection mechanism or initial alert trigger was not disclosed. Technical analysis by the CHU’s digital services team identified the attack as a high-volume traffic surge deliberately engineered to overwhelm servers, destabilize the network, and cause service degradation—consistent with a distributed denial-of-service (DDoS) methodology.

Cyber Incident Image

In response to the attack, the CHU’s digital services division severed internet connectivity to isolate critical infrastructure and protect data integrity. This containment measure resulted in a full blockade of the hospital’s public website, online appointment portals, and all external email communications. By Tuesday, January 16, the CHU confirmed the attack had ceased and stated no evidence existed of internal system intrusions or data compromise. Service restoration efforts commenced immediately but were projected to require one to two additional days for full recovery due to residual system instability. Patients who scheduled appointments via Doctolib between Sunday and Tuesday were advised to verify appointment confirmations directly with departmental secretariats, as online systems remained partially unreliable during the recovery phase. The hospital did not disclose whether emergency services, internal medical systems, or patient records were affected during the outage.

Sources
Sources available to members
1 source