Cyber Incident Victim: Maison d'arrêt de Draguignan

On January 11, 2023, the Maison d'arrêt de Draguignan prison experienced significant disruptions stemming from a malware infection. According to staff representatives, the incident originated when a teacher conducting a class for inmates introduced a virus into the prison's computer system via a USB drive. Prison administration promptly disconnected the infected system to prevent propagation across the network, though concerns initially arose about potential compromise of the adjacent hospital's servers located within the prison infirmary. The Centre hospitalier de la Dracénie later confirmed their systems remained unaffected. Despite containment efforts, the malware triggered cascading electrical failures that culminated in a complete power outage during the evening of Friday, January 13. This resulted in the loss of lighting and disabled surveillance cameras throughout the facility, creating critical security vulnerabilities.

The power failure necessitated emergency response measures, including deployment of regional intervention teams (Eris) from Marseille to reinforce security. Prison staff conducted manual patrols around the perimeter while national police increased neighborhood surveillance. Electrical service was restored by Monday, January 16, allowing Eris units to withdraw. Though operations normalized, the administration reported ongoing system fragility and engaged regional cybersecurity analysts to assess damage and conduct diagnostics. A judicial investigation was initiated, though the Draguignan prosecutor's office declined to confirm details publicly. The Marseille interregional prison administration acknowledged the incident while emphasizing full restoration of services. No data breaches or additional collateral impacts beyond the prison's electrical and surveillance infrastructure were reported in available accounts.