Corbeil-Essonnes hospital refuses to pay ransom, hackers have started spreading data

Computer scientists work in a crisis center at the Sud-Francilien hospital center (CHSF) in Corbeil-Essonnes, south of Paris, on August 26, 2022.

Given the non-payment of the requested ransom, the group of hackers who orchestrated a cyber attack against the Sud-Francilien hospital center in Corbeil-Essonnes (CHSF) started releasing data on Friday, we found out on Sunday, September 25. These data “seems to worry [les] users, [le] staff as well as [les] partners” from the hospital, the CHSF said in a statement Sunday.

In what has been issued, there is potentially “certain administrative data”including Social Security number, and “certain health data, such as examination reports and, in particular, external records of anatomocytopathology, radiology, analytical laboratories, doctors”detailed the establishment.

“CHSF’s business databases, including personalized patient files (DPI) and files related to human resource management, were not compromised”added the establishment. “The attack appears to have been limited to virtual servers and only a portion of CHSF’s storage space (around 10%)”according to the press release.

Read the decryption: The hospital, privileged and controversial target of hackers

A ransom reduced to two million dollars

The hackers had left the hospital until September 23 (Friday) to pay the ransom. According to the specialized site Zataz, Lockbit 3.0 hackers thus distributed more than 11 GB of sensitive content. “This is a double extortion, consisting of exfiltrating part of the stolen data to put pressure on the victims. It is a classic”a cyberspace specialist explained to Agence France-Presse (AFP).

The hospital, located south of Paris, which provides health coverage to nearly 700,000 inhabitants of the periphery, had been the victim of a cyberattack on August 21, demanding a ransom of 10 million dollars. Then it would have been reduced to a million dollars, according to several concordant sources.

According to Zataz, now the hackers would claim at the hospital “$2 million ($1 million to destroy stolen data and $1 million to restore access to information through its dedicated software)”. The cyberattack launched in August affected business software, storage systems, and even the facility’s patient admissions information system, rendering them inaccessible.

read also Article reserved for our subscribers Ransomware: How French Authorities Track Cybercriminals

“White plan” to ensure continuity of care

The hospital filed a complaint and seized the National Commission for Informatics and Liberties (CNIL). The investigation, opened by the Paris prosecutor’s office and entrusted to the gendarmes of the Center for the Fight against Digital Crime (C3N), is underway.

The National Authority for the Security and Defense of Information Systems (Anssi) is also seized. “Despite these measures and this reactivity, the hackers managed to leak personal data, including health data.”the hospital lamented in a statement in mid-September.

After the attack, the hospital, whose emergency room usually receives 230 people a day, had launched an emergency plan said “white map” to ensure continuity of care. A wave of cyberattacks has been targeting the French and European hospital sector for about two years. In 2021, Anssi registered an average of one incident per week in a health facility in France.

The world with AFP

Leave a Comment

Your email address will not be published. Required fields are marked *