They have chosen to broadcast what is most personal and intimate in a patient. The group of Russian-speaking hackers Lockbit 3.0 has disclosed on the darknet nominative reports of colonoscopy, childbirth, gynecological examinations… Among these documents that the investigation unit of Radio France has consulted, there is even a request for an autopsy. about a young patient who died in the hospital. Each time, the surnames, first names and dates of birth of the patients are entered on the barcode label, reserved for hospitalized persons and attached to their file.
As the management of the Corbeil-Essonnes hospital had indicated in its press release, “examination reports, and in particular external files of anatomocytopathology, radiology, analysis laboratories and doctors”, have been broadcast. Anatomocytopathology is a specialty that consists of examining organs, tissues or cells to identify and analyze abnormalities related to a disease. And it is indeed this kind of data that can be read in the pirated documents.
Requests and examination reports for women with breast cancer are numerous. We can discover their history, their medical and surgical treatment, whether they have undergone a mastectomy, for example. For Damien Bancal, of the specialized site zataz.com (which had given the alert on the disclosure of the data on September 23), it is no coincidence that the hackers chose to disseminate this data precisely. “They do what I call malicious marketingexplains the specialist. At the moment, the “Pink October” operation is taking place to raise awareness of breast cancer.
“We realize that the hackers have disseminated information related to the news of the moment.”
Damien Bancal, journalist at zataz.comto the investigation unit of Radio France
Why so much cynicism? “It’s a way for hackers to keep pushingexplains Damien Bancal, whether on the hospital center but also and above all for the other companies they have in hand.“The cybersecurity specialist specifies that since the hacking of the Corbeil-Essonnes hospital on August 20, “more than 200 companies were attacked”. “It’s sort of like the book The Art of War. I kill one so that the others are afraid and the others pay.”
As of today, according to our information, 11,000 Internet users have consulted the health data that was stolen from the Corbeil-Essonnes hospital and disclosed on the darknet. The risk is that some of them disseminate this information more widely on the web, that they resell it or exploit it maliciously. “Patient emails can be used for Medicare phishingcontinues Damien Bancal. Telephone numbers can be used to intercept banking data, for example. They are capable of anything.”
When questioned, the Corbeil-Essonnes hospital indicates that it does not know in detail which patients have had their data disclosed. As a precaution, the establishment sent an email to a million patients and ex-patients to inform them of this data leak and tell them what to do. People who believe they have been victims of this cyberattack can go to the cybermalveillance.gouv.fr website to fill out a letter-complaint, which must then be sent to the Center for the Fight against Digital Crimes in charge of the investigation under the authority of the Paris prosecutor’s office.
* websites not referenced by conventional browsers