Hackers from the Corbeil-Essonnes hospital have published a sample of data stolen during the cyberattack. They are now threatening to publish them in full if a $10 million ransom is not paid.
The hackers behind the attack on the Corbeil-Essonnes hospital in August followed through on their threats by disclosing the stolen health information, putting those affected by the fraud at risk of blackmail or extortion. The hospital on Sunday confirmed the release of data that “seem to concern our users, our staff and our partners».
SEE ALSO – Corbeil-Essonnes Hospital: “Out of the questionto pay a ransom after the hacking, assures François Braun
Among the information published are:certain administrative data“, including the social security number, and “certain health data such as examination reports and in particular external files of anatomocytopathology, radiology, analysis laboratories, doctors“, continues the hospital center. “The attack seems to have been confined to virtual servers and only part of the CHSF storage space (about 10%)“, he adds. It was the cybersecurity blog Zataz.com, which had given the alert, claiming that a “first broadcast (of data) was (was) orchestrated as an 11.7 gigabyte compressed file».
Read alsoTargeted by hackers, French hospitals sick of their cybersecurity
According to Damien Bancal, the author of the blog who was able to consult the file, it contains documents as varied as medical examinations, applications for universal medical coverage (CMU), and an authorization for compulsory internment in psychiatric department. “Nevertheless, at this stage of the analysis of the elements in the possession of the investigating services, it is not possible» easy access to data«the Paris prosecutor’s office told AFP. “Only insiders can access the data” confirmed Damien Bancal to AFP.
An investigation was opened by the Paris prosecutor’s office and entrusted to the gendarmes of the Center for the Fight against Digital Crime (C3N). The risk now is that crooks will use the accessible data to mount new targeted attacks, using the personal information at their disposal to capture the victim’s trust.
Security measures
For example, attackers will search for “bosses, important personalities“, and set up scams like”president fraud“, where the scammer manages to obtain a bank transfer from an institution by pretending to be his boss or his financial director, explained Damien Bancal. Attackers can also use phone numbers to set up personal training account (CPF) or cryptocurrency scams, email addresses to make “Phishing” (in English “phishing», encouraging the Internet user to download malicious files or to click on links to extort identifiers and access codes, etc.).
Read alsoShawn Henry: «Cyberattacks will be an integral part of conflicts in the future»
In its press release, the Corbeil-Essonnes hospital center recalled several security measures to be followed by those potentially concerned. In the event of receipt of an email, SMS, or telephone call requesting such or such action from the user, it is necessary toverify that the sender is legitimate and related to the subject» et «never provide confidential information (banking, passwords, etc.)“. It’s necessary “be vigilant if the tone of the message is urgent, that it pushes you to action, especially if you were not expecting this message“, also indicated the hospital.
He also recommendsverify associated accounts“to a Social Security number and to change the passwords”at the slightest doubt“. According to Zataz, the hackers had set a September 23 ultimatum for the hospital to pay the ransom. The hospital, located in Essonne, south of Paris, provides health coverage for nearly 700,000 inhabitants of the outer suburbs. He had been the victim on August 21 of a cyberattack with a ransom demand of 10 million dollars, then reduced to one or two million dollars, according to the sources. Public establishments never pay the ransoms, the law prohibits them from doing so. Contacted by AFP, the Ministry of Health was unable to comment on these developments on Sunday.