The hackers who breached French hospital Centre Hospitalier Sud Francilien in August have now leaked patient information online in retaliation to the authorities' refusal to pay a ransom.
Criminals hit the Hospital Center Sud Francilien (CHSF) in Corbeil-Essonnessouth-east of Paris during a weekend in late August. All health services were disrupted with no computer systems in operation. The hospital sent some patients to nearby facilities, and major surgical procedures were postponed.
The hackers used LockBit ransomware and asked for $10 million to unlock the systems. They also threatened to release all the information they managed to steal during the intrusion. Criminals have now released that data into the wild.
"On September 23, the cybercriminals followed through on their disclosure threat. Exfiltrated data was published on their site," said the hospital in a press release. "In view of the first investigations carried out by the experts mobilized since the disclosure, the data published seems to concern our users, our staff and our partners."
"Also it should be considered that some of their administrative data including the NIR (social security number) and their health data such as examination reports and in particular external files of anatomocytopathology, radiology, laboratories of analysis, doctors are potentially among the data leaked on the attackers' site," they added.
The hospital is now informing its staff and patients of the data breach, warning employees and other affected parties to watch closely in coming months for phishing attacks. Other groups could use the leaked private information in various fraud schemes in the near future.
The CHSF data breach and ransomware infection prompted a national effort to boost hospital cybersecurity nationwide. According to RFI, Health Minister François Braun announced an additional €20 million to increase security in French hospitals.