LockBit Publishes Stolen Data as Hospital Rejects Extortion
French Government Vows Resistance, Stepped-Up Cybersecurity FundingRefusal by a French hospital on the southern edge of greater Paris to pay ransomware hackers led to the publishing of nearly 12 gigabytes of patient and staff data paired with vows of defiance from French government officials.
See Also: Advancing Cyber Resiliency With Proactive Data Risk Reduction
The leak contains Social Security numbers, lab reports and other health data. François Braun, French minister of social affairs and health, condemned the leak and tweeted that Paris will "not give in to these criminals."
The 1,000-bed Centre Hospitalier Sud Francilien in Corbeil-Essonnes underwent a cyberattack late last month and received a $10 million demand from a group now identified as working with LockBit ransomware. Attackers issued an ultimatum for payment that the hospital says it refused to honor. Attackers postponed the ultimatum's trigger date and lowered the ransom demand to $1 million.
Even for a reduced amount, Medhy Zeghouf, president of the board of CHSF, told local newspaper Le Parisien the hospital would refuse to pay. "Even if they ask for 150,000 euros, we will not pay. That is the rule that has been established," he said.
In an online update, the hospital says the attack appears limited to virtual servers that hold one-tenth of the hospital's data. An ongoing investigation is supported by the French National Agency for Information Systems Security and two unnamed cybersecurity companies observed that the business databases of CHSF - including personalized patient files and human resources management files - had not been compromised.
The hospital triggered its contingency "white plan" after the attack and stated in a Sept. 2 update that healthcare operations had been affected by the attack. The hospital transferred, "as a precaution," 13 infants in intensive care, and its emergency care intake decreased by more than half. One emergency room patient referred to surgery couldn't be operated on because of disruptions to imaging data.
Braun in late August said the event spurred the French government into spending an additional 20 million euros on hospital cybersecurity.
State-owned broadcaster Radio France Internationale reports that the French government already allocated 25 million euros to address cybersecurity threats to health facilities in 2021 and 2022.