The data of around 300,000 patients at the Armentières hospital center, in the North, has just been disclosed by cybercriminals, the health establishment has just admitted. The hospital was the victim of a computer attack committed in mid-February, claimed this Sunday by a previously unknown ransomware gang, Blackout.
On their data leak site, these cybercriminals claim to have encrypted more than a hundred servers and workstations at the hospital. They also claim to have gotten their hands on a database of around 20 gigabytes concerning more than 900,000 patients, including their postal addresses, their telephone numbers and even their medical history.
Administrative documents
According to the health establishment, the data that leaked is “essentially lists, containing the contact details, date of arrival and the care sector of the patients concerned”. Good news, no computerized patient file currently appears in the disclosed data. A large part of the stolen data appears to be primarily administrative documents, internal schedules or document models, ZDNET.fr also noted.
The health establishment had already apologized in a message on Facebook after the hackers’ announcement. The hospital center then specified that its IT services had been seized to qualify and verify the nature of the leaked files.
To support its blackmail, Blackout published several screenshots of documents. Including a medical diagnosis from a doctor relating to a patient describing her pathology, particularly sensitive information. From their data leak, the cybercriminals have only one other victim, a Canadian company specializing in metal and ceramic coatings.
Priority, continuity of care
Data leakage, as damaging as it is, is however a lesser evil for public authorities. The head of Anssi in fact recalled during a press conference that the agency was firstly focused on “the continuity of the healthcare offering”. The hospital had to close its emergency rooms at the time before reopening them the following Tuesday.
“The theft of health data is unacceptable,” Vincent Strubel then added, before explaining in substance that efforts to strengthen hospital security – grouped together in the CaRE program – would “take time”. “There is no magic solution,” he summarized.
The latest overview of the threat from Anssi recalled on this subject that the health and local authorities sectors were “still too vulnerable” to attacks by cybercriminals. Healthcare establishments represented 10% of victims of ransomware attacks monitored by the agency in 2023, a stable share compared to 2022.