Several French hospitals victims of hacking, sensitive patient data for sale on the dark web

Several French hospitals victims of hacking sensitive patient data for

In the territorial hospital group of the Grand Est region (GHT Cœur Grand Est), it is time for computer confinement. All incoming and outgoing internet connections of the nine GHT establishments have been cut “in order to protect and secure information systems and data”, as stated in a press release. In fact, hackers “from abroad” succeeded in infiltrating the networks of the hospitals of Vitry-le-François and Saint-Dizier.

“This cyberattack consisted of copying essentially administrative computer data (…) The applications and software used internally on a daily basis were not affected by the attack and remain operational. The computerized patient file is fully functional. Users continue to be cared for with the same level of quality and safety in all our hospitals.”can we read on the GHT Cœur Grand Est website.

What the press release does not say is that the pirates obviously tried to hold the group to ransom for approximately 1.2 million euros. At least that’s what they say about Industrial Spy, a dark web marketplace specializing in the sale of stolen data. Revealed by Bleeping Computer, this data packet totals 28.7 GB.

As we have seen, there is a jumble of data from mutual insurance companies, RIBs, medical analyses, copies of passports, patient files, letters, schedules, Covid forms, etc. Each document can be purchased individually for a few dollars.

c1525ec7d06da5138edce85cc67e
67ede3baa32acc32f861de9ab06a

This data could obviously be used for identity theft, phishing or scam attempts. This is why GHT patients are asked to remain particularly vigilant over the coming weeks when receiving emails, text messages or phone calls.

Sources: GHT Heart Grand Est, Bleeping Computer

1nc1