Montpellier-Méditerranée Airport

Montpellier-Méditerranée Airport, located in France, functions as an international airport serving the Montpellier metropolitan area and the broader Occitanie region. It delivers full-scale air transportation services, encompassing passenger terminal operations, aircraft ground support, baggage handling systems, and flight scheduling. The airport accommodates commercial carriers offering routes to domestic French cities and international European destinations, thereby supporting regional connectivity for leisure and business travelers. Its infrastructure includes runways, terminals, and logistical facilities designed to process passenger traffic and cargo. Daily activities involve check-in services, security checkpoints, boarding management, and luggage transport, all traditionally reliant on integrated information technology systems for coordination and efficiency. As a critical piece of regional transportation infrastructure, the airport plays a vital role in the local economy and tourism sector by enabling air access to the Mediterranean coast.

On July 1, 2023, the airport encountered a severe cyberattack that compromised its internal IT environment, leading to a significant operational disruption. The assault's force necessitated the immediate shift to manual methods for core functions such as baggage handling and passenger boarding, which continued for multiple hours. While flight cancellations were averted through these contingency measures, the incident resulted in minor delays and prolonged disturbances for passengers and airline partners. In accordance with its emergency procedures, the airport's management activated crisis protocols that focused on containment and recovery. These steps involved network segmentation to isolate unaffected systems from the affected ones, activation of backup systems to maintain basic operations, and engagement of specialized cybersecurity firms to analyze the intrusion and restore services incrementally. French authorities, including the Interior Ministry and the national gendarmerie, were promptly alerted to the situation. The airport subsequently filed a formal police complaint and reported the breach to the Commission Nationale de l'Informatique et des Libertés (CNIL), France's data protection authority, in line with legal obligations. Early forensic reviews indicated that no personal data had been exfiltrated, although investigators considered a potential ransomware objective behind the attack. This event constituted the airport's first large-scale cybersecurity incident, revealing both its vulnerability to sophisticated digital threats and its capacity to respond through predefined plans and inter-agency cooperation. The airport's adherence to regulatory reporting requirements and its methodical recovery approach underscore a structured approach to cybersecurity resilience within the aviation sector.