Over 400 New Jersey Auctions End Tomorrow 04/25 - Bid Now
Over 1650 Total Lots Up For Auction at Four Locations - MA 04/30, NJ Cleansweep 05/02, TX 05/06, NJ 05/08

Spanish Spanish

Data from French hospital that refused to pay ransom leaked to dark web

by John R. Fischer, Senior Reporter | October 03, 2022
Cyber Security European News Health IT
Share
Hackers leaked patient information stolen from the Centre Hospitalier Sud Francilien (CHSF) in France after the hospital refused to pay a $1 million ransom. (Photo courtesy of CHSF)
Hackers who infiltrated and stole data from a French hospital in August have now released personal patient records on the dark web in response to the institution’s refusal to pay the group’s $1 million ransom.

The 1,000-bed Centre Hospitalier Sud Francilien (CHSF) in Corbeil-Essonnes, near Paris, shut down its emergency services and transferred many patients to other hospital facilities after finding that the Lockbit ransomware group stole social security numbers, medical scans, lab reports and other health data via a ransomware strain known as Lockbit 3.0.

Under French law, public institutions are banned from paying ransoms. The group demanded $10 million (over €10 million) for the return of the data. It later downgraded the ransom to $1 million (over €1 million) and postponed the ultimatum deadline, but the hospital still refused to pay, according to French outlet, Le Parisien.

"Even if they ask for 150,000 euros, we will not pay. That is the rule that has been established," said Medhy Zeghouf, president of the board of CHSF.

In response, the group published 12 gigabytes of patient and staff data the weekend of September 23 on the dark web, a part of the internet that requires special software to access.

Health minister François Braun condemned the leak in a tweet, saying that Paris would "not give in to these criminals."

The hospital transferred 13 infants in intensive care “as a precaution,” and saw its emergency care intake drop by more than half, with one patient unable to undergo surgery because of disruptions to imaging data. At one point, its phone was the only system still functioning, reported The Local.

The hospital said the attack was limited to virtual servers that hold one-tenth of its data. An ongoing investigation by the French National Agency for Information Systems Security and two cybersecurity companies confirmed that business databases, including personalized patient files and human resources management files, were not compromised.

The event, according to Braun, led the French government in late August to invest an additional €20 million (over $19 million) on hospital security.

Following the leak, the hospital restricted access to its systems and warned patients to be extra careful when receiving emails, text messages or calls.

Back to HCB News
Sign up for Health IT stories Sign up for Weekly Top stories

You Must Be Logged In To Post A Comment

Sign up for Weekly Top stories

Sign up for Health IT stories

 

advertisement

Health IT Homepage

Bayer and Google Cloud to accelerate development of AI-powered radiology applications
GE HealthCare closes MIM Software deal
Teleradiology company and CEO admit to unlawful billing, will pay $3.1 million
How Gartner's 2024 cybersecurity trends can guide your cybersecurity efforts
IONIC Health, GE HealthCare announce 510(k)-clearance of nCommand Lite System for multi-vendor, remote imaging
Field service technicians: Unsung heroes in maintaining efficiency and reducing headaches in hospital networks
HHS opens probe into role Change Healthcare may have played in cyberattack
Philips and AWS unveil pathology cloud data storing initiative at HIMSS
PE firm Frazier HealthCare Partners acquires RevSpring from GTCR
Ransomware attackers claim they sold Lurie Children's Hospital data for $3.4 million on dark web