2023-07-29 21:37:54
After the theft, concealment. According to Clément Domingo, a “nice hacker” as he presents himself on Twitter, the group of cybercriminals Bianlian, which could be behind the hacking of the information system of the University Hospital of Rennes (Ille-et-Vilaine), has started to publish some of the personal data he may have stolen in an attack on June 21.
“The group of cybercriminals Bianlian is starting to put 300 GB of data online… It includes sensitive data such as: personal data, financial documents, data from hospital health personnel”, assures the young man on his twitter account. However, he recalls that this group never claimed responsibility for this attack.
“Usually, this kind of attack is claimed and a kind of countdown is given: if on such a day, we have not received such an amount, we balance the data. This time, information started coming out that night, apparently for no reason,” he observes, calling for caution and patience.
The agents received a threatening email
In a press release quoted by the local media, the Rennes hospital confirms that “thirty professionals from the CHU today received a suspicious email, not yet authenticated, threatening the CHU with a broadcast, on the dark web, of everything or part of the data that was the subject of an illegitimate exfiltration during the cyberattack that took place on June 21. The risk for the agents, if this leak were proven, would be the compromise of their emails and possible scams (by telephone for example).
“The data concerning the patients to which the attacker potentially had access concern the Dental Care Center (CSD), the technical rooms of cardiology and the laboratories of the CHU. It also emerges from the investigations carried out that the personal data of CHU professionals are also affected by the data leak (social security number, salary slip)”, was able to identify the hospital.
The Rennes University Hospital (Ille-et-Vilaine) had filed a complaint and investigations were underway to identify the scope of the data leak that occurred during the cyberattack that targeted the hospital. According to management, interviewed 48 hours after the cyberattack, no ransom demand was made by hackers, and at this stage of the investigations, no file had been encrypted.
“We do not know the cause, the origin of the attack in a precise way. On the other hand, what we can say is that there is a strong presumption that the origin of the attack is external to the CHU, via one of our service providers, “said Véronique Anatole-Touzet, director of the CHU, which has 1,000 servers and 700 workstations.
#Cyberattack #Rennes #University #Hospital #stolen #data #published