On August 21st, the hackers responsible for the cyber attack against the Center Hospital du Francilien (CHSF) in Corbay-Essonne carried out their threats. If the hospital did not pay the required ransom within the specified period – initially 10 million dollars, today it is five to ten times less – then they would publish a set of stolen data. “The first broadcast was organized as a compressed file of 11.7 gigabytes (…) on Friday, September 23 at 9:42 UTC. », confirms Damien Bankal, manager of Zataz.com, which lists cyberattacks worldwide. The specialist saw the information the hackers had shared on the darknet, but left the top management of CHSF, which provides health coverage for some 700,000 residents of the southern suburbs of Paris, to verify their authenticity. “Based on the initial investigation, the data released appears to relate to our users, our staff and our partners.” points out the facility targeted this Sunday in a lengthy press release. Among the shared user information “their social security number, their health information, such as examination reports and particularly radiology information, laboratory tests and doctors’ reports.”.
But also information about applying for universal medical insurance (CMU) and authorization of compulsory hospitalization in a psychiatric service. “Hackers are Swiss Army knives, every blade of which is harmfulclaims Damien Bankal. All this information is bought and resold to set up scams for personal training accounts (CPF) or even “chairman fraud”, where a fraudster is able to get a bank transfer from an institution by pretending to be their boss or financial manager. »
Observe the greatest caution
On the other hand, the data stolen at this stage will only be partial. “We were able to observe that the business databases, which include personalized patient files (DPI) and human resource management files, were not compromised.adds the leadership of CHSF. The attack appears to have been limited to virtual servers and only a fraction of the storage space, about 10%. »
However, facility officials are urging those potentially affected by these spills to exercise the utmost caution. “Given this situation, we advise you to be especially vigilant against emails, SMS and calls that may attempt to access this data.”they warn by asking verify that the sender is legitimate and related to the subject, and never give out confidential banking information, passwords, etc. “At first glance, there will be many people to contact to alert and protect., confirms Damien Bankal. To this end, CHSF is committed “To send personalized information to its patients and staff in the coming days.”.
Source: Le Figaro
