We often talk to you about cyber attacks on French hospitals, and this time we couldn't miss it because it was one of our neighbours that was hit.
Last Wednesday, the University Hospital Centre in Rennes was cyber-attacked. At around 6pm, their information system was completely disconnected from the Internet, starting with the intranet and then the e-mail system. Software agents on the servers used by the university hospital alerted Orange Cyber Défense.
The hospital assured us that it was prepared for this situation and had carried out several drills. Once the intrusion had been detected, the hospital was able to react quickly by setting up a crisis centre. To protect itself, the university hospital had to shut down several IT tools, such as teleconsultations, online appointment booking and bank payments. The hospital is operating in a slightly downgraded mode, but management has assured patients that there will be no repercussions on their medical treatment. The hospital has reported the attack to the CNIL, and the ANSSI is also working on the case to determine the nature and type of data stolen.
Very importantly, two days after the attack, a data leak was reported, but unfortunately the extent of the theft and the nature of the data are not yet known. Investigations are still under way, but for the moment the hospital has not received any ransom demands.
Yet another cyber-attack on a hospital, reminding us of the one on Brest University Hospital last March. We hope to have news soon from our neighbour, the hospital in Rennes.