Cyber Incident Victim: Centre Hospitalier de Saint-Gaudens

The cyberattack on the Hôpital de Saint-Gaudens (Comminges-Pyrénées hospital center) in Haute-Garonne, France, began around 4:00 AM on April 8, 2021, severely disrupting hospital operations. The hospital's administration, led by director Jean-Marc Viguier, confirmed the incident involved a ransom demand, though the specific threat actor or ransomware variant was not disclosed in available reports. In response to the attack, the hospital proactively blocked all computer servers to contain the threat and prevent further data compromise, particularly aiming to halt potential exfiltration of patient information. This containment measure resulted in widespread system outages, crippling routine administrative and clinical functions. The hospital's phone systems became non-operational, cutting off a primary communication channel for patients and staff. No details were provided regarding the initial attack vector, duration of encryption, or whether backups were utilized for recovery.

This incident marked the second cyberattack targeting the hospital within weeks, though specifics about the prior event were not elaborated. The attack occurred amid a broader surge of ransomware incidents affecting French healthcare entities, with DoppelPaymer ransomware explicitly linked to some contemporaneous attacks on medical facilities in France. While the hospital's defensive actions focused on isolating systems, the operational consequences included persistent service interruptions affecting patient care coordination. No verifiable evidence confirmed whether patient data was actually exfiltrated or encrypted, though the hospital's statement emphasized preventive measures against "data aspiration." The administration did not disclose whether the ransom was paid, the demanded amount, or the timeline for restoring full operations. France Bleu Occitanie first reported the incident, noting its ongoing impact on hospital functionality during the initial hours of the disruption.