Over the last few years, numerous hospitals in France have been subject to increasingly frequent and severe cyberattacks that have disrupted healthcare provision to varying degrees. To mitigate this threat, especially in light of the forthcoming 2024 Olympic Games, Assistance Publique-Hôpitaux de Paris in Paris has been developing contingency plans that have been tested in simulated exercises called CRYPTolocker EXercice since May 2021. The latest simulated ransomware cyberattack that involved more than 200 participants took place on July 5, 2023, and lasted for 24 hours. Although cybersecurity contingency plans are confidential for obvious reasons, this article presents the multidisciplinary organization of the simulated attack based on previous experiences from other hospitals and general findings that are in the public domain. It was found that the procedures in place worked well overall, and countermeasures were quickly implemented to limit the severity of this simulated cyberattack. However, failings were observed in intra- and extra-hospital communication, and conflicting priorities between different categories of personnel (administrative, managerial, and clinical) hampered the information technology team in resolving various issues. Furthermore, it was found that mental fatigue, task saturation, and information overload may have overwhelmed senior managers at sporadic intervals. This often resulted in an action-reaction approach being used to find temporary solutions to immediate problems. Consequently, senior managers who participated in this simulated cyberattack were unable to think strategically and anticipate demands for middle- and long-term issues. This unprecedented exercise was an important learning experience for all participants, and the lessons learned will help further improve contingency planning and cyber resilience. It advised that all hospitals worldwide adopt and develop a similar multidisciplinary approach (taking into account their local contexts) to limit the deleterious effects of a potential cyberattack that undoubtedly will become more prevalent in the future.