The hackers behind the cyberattack that targeted the Corbeil-Essonnes hospital last August have carried out their threat. They revealed in the dark web, through a compressed file of 11.7 GB, the data at their disposal. The establishment having rejected their ransom demand. The information disclosed turns out to be very varied.
The information system of the Southern Ile-de-france Hospital of Corbeil-Essonnes (CHSF) was hacked on August 21. The authors of the attack managed to steal a huge volume of data. The establishment is responsible for the health coverage of approximately 700,000 residents of the greater Paris area. A ransom of euro10 million, later reduced to euro1-2 million, was demanded, according to sources.
In recent times, incidents of this type have increased dramatically. So much so that the cybersecurity profile has become very much in demand at the moment for IT freelance assignments. It is located next to the skills in web development, software integration…
Administrative and health data made public
The pirates would have summoned the hospital to pay them the ransom by September 23 at the latest. However, the hospital refused to give in to the blackmail, as the law forbids public institutions to pay ransoms. The hackers then began to leak information when the deadline expired.
The CHSF communicated last September 25 that these data, disseminated in the dark Web :
He announced that these affect certain administrative information as the social security number and to :
Some health data such as examination reports and in particular external files of anatomocytopathology, radiology, analysis laboratories, doctors.
The author of the cybersecurity blog Zataz, Damien Bancal, was able to access the file distributed by the hackers. He found, according to him, a huge variety of documents, including :
-
- An authorization for involuntary commitment to a psychiatric ward ;
-
- Use of the CMU (universal medical coverage) ;
-
- Medical examinations.
The Corbeil hospital then stressed that its business databases were not compromised. This container contains, among other things, files related to the human resources management and the DPI (Computerized patient records).
Hackers may conduct targeted attacks in the near future
The Paris prosecutor’s office has opened an investigation, entrusted to the gendarmes of the C3N (Center for the fight against digital crime).
The risk now is that cybercriminals will use the information in their possession to orchestrate new targeted hacks. In particular, they could exploit this data to gain the victim’s trust.
For example, scammers can exploit :
-
- E-mail addresses in order to set up phishing. This modus operandi consists in pushing the Internet user to click on links or to download malicious files. The objective is to get logins and passwords;
-
- Phone numbers, to conduct crypto asset or CPF (personal training account) scams.
He called on everyone to be cautious when an unexpected phone call, text message, or email reaches them. The hospital asks them in such an event to:
-
- Check the legitimacy of the sender and its relationship to the subject ;
-
- Never give out confidential information such as access codes, credit card numbers, etc.
Vigilance must even be reinforced when the message conveys an urgent tone, inciting them to action.