“I condemn in the strongest terms the unspeakable disclosure of hacked data from the Corbeil-Essonnes hospital center,” said Health Minister François Braun in a tweet on Sunday afternoon.
«We will not give in to these criminals. All state services are mobilized» alongside the hospital, he added.
According to information provided by the hospital on Sunday, the information disclosed by hackers via the «dark web» (websites not referenced by conventional browsers) «seems to concern our users, our staff and our partners».
Among them are «certain administrative data», including the social security number, and «certain health data such as examination reports and in particular external files of anatomocytopathology, radiology, analysis laboratories, doctors», continued the hospital center.
“The attack appears to have been confined to virtual servers and only part of the CHSF storage space (about 10%),” it added.
It was the cybersecurity blog Zataz.com that had raised the alert, saying that a «first release (of data) was orchestrated in the form of a compressed file of 11.7 gigabytes».
According to Damien Bancal, the author of the blog who was able to consult the file, it contains documents as varied as medical examinations, applications for universal medical coverage (CMU), and an authorization for compulsory internment in a psychiatric department.
«Nevertheless, at this stage of the analysis of the elements in the possession of the investigating services, it is not possible» to easily access the data, the Paris prosecutor’s office told AFP.
«Only insiders can access the data,» confirmed Mr. Bancal to AFP.
An investigation was opened by the Paris prosecutor’s office and entrusted to the gendarmes of the Center for the Fight against Digital Crime (C3N).
The risk now is that crooks will use the accessible data to mount new targeted attacks, using the personal information at their disposal to capture the victim’s trust.
– Security measures –
The attackers will, for example, look for «bosses, important personalities», and set up scams such as «frauds on the president», where the scammer manages to obtain a bank transfer from an institution by pretending to be its leader or its chief financial officer, explained Mr. Bancal.
Attackers can also use phone numbers to set up personal training account (CPF) or cryptocurrency scams, and email addresses to do «phishing» (tricking the user into downloading malicious files or clicking on links to extort identifiers and access codes…).
According to the entourage of the Minister of Health François Braun, the hospital «is fully mobilized to inform individual patients as well as the members of its staff concerned».
«The establishment also ensures that they exercise the greatest vigilance in the face of scam attempts that could occur in the coming months,» the same source added.
In its press release, the Corbeil-Essonnes hospital recalled the main security measures to be followed.
On receiving an email, SMS, or telephone call requesting some action, it is necessary «to verify that the sender is indeed legitimate and in connection with the subject» and «never provide confidential information (banking, passwords…)».
You have to «be vigilant if the tone of the message is urgent, that it pushes you to action, all the more so if you were not expecting this message», also indicated the hospital.
It also recommends that people «check the accounts associated» with a Social Security number and change the passwords «if in doubt».
According to Zataz, the hackers had set a September 23 ultimatum for the hospital to pay the ransom.
The hospital, located in Essonne, south of Paris, provides health coverage for nearly 700,000 inhabitants of the outer suburbs.
It had been the victim on August 21 of a cyberattack with a ransom demand of 10 million dollars, then reduced to one or two million dollars, according to the sources.
Public establishments never pay ransoms; the law prohibits them from doing so.