Faced with non-payment of the demanded ransom, the group of hackers planned Cyberattack on the Sud-Français Hospital Center in Corbeil-Essonnes (CHSF) began disseminating the data on Friday and we learned on Sunday, September 25. That data “I feel worried [les] users, [le] Staff as well [les] Partners » from the hospital, CHSF said in a statement on Sunday.

In aired, likely “Certain Administrative Data”including social security number “Certain health data such as examination reports, especially anatomocytopathology, radiology, analysis laboratories and doctors’ outlines”The firm elaborated.

“CHSF’s business databases, which include personalized patient files (DPIs) and files related to human resource management, were not compromised”The firm added. “The attack appears to be limited to virtual servers and only a fraction of the CHSF storage space (about 10%)”According to the press release.

The ransom was reduced to two million dollars

The hackers left the hospital till September 23 (Friday) to pay the ransom. According to the findings of Monte, more than 11 GB folder has been uploaded on Lockbit Group’s official website. However, the content could not be immediately authenticated. “It’s a double whammy, which involves extracting part of the stolen data to put pressure on the victims. It’s a classic.”A cyberspace specialist explained to Agence France-Presse (AFP).

The hospital, located in the south of Paris and providing health care to about 700,000 residents in the outer suburbs, was the victim of a cyber attack on August 21 that demanded a ransom of $10 million. According to several consolidated sources, it was later reduced to a million dollars.

The cybercriminal group is now demanding $1 million to remove data from its site. The cyber attack, which began in August, affected business software, storage systems and even the institution’s patient access information system, rendering them inaccessible.

“White Plan” to ensure continuity of care

The hospital filed a complaint and the National Commission for Computing and Liberties (CNIL) seized it. The investigation is underway, entrusted to the Center for Gendarmes of the Fight Against Digital Crime (C3N) opened by the Paris Prosecutor’s Office.

The National Authority for Security and Defense of Information Systems (ANSI) has also been seized. “Despite these measures and this response, hackers managed to leak personal data, including health data”lamented the hospital in a statement in mid-September.

After the attack, the hospital had an emergency room that normally saw 230 people a day An emergency plan was launched That “Plan Blank” To ensure continuity of care. A wave of cyber attacks has targeted the French and European hospital sector for nearly two years. In 2021, Anci recorded an average of one case per week in a health facility in France.