A French Hospital Is Redirecting Patients Because of Ransomware

pcmag.com:

A ransomware attack has forced a hospital in France to send patients elsewhere.

The Centre Hospitalier Sud Francilien (CHSF) says(Opens in a new window) the ransomware attack made "all the hospital's business software, storage systems (including medical imaging), and the information system relating to patient admissions inaccessible" starting early in the morning of Aug. 21.

CHSF says it will refer patients requiring medical imaging to other facilities. It says(Opens in a new window) in a separate notice that because "health professionals currently work without the help of IT, which generates much longer than average wait times," emergency patients should seek treatment elsewhere.

Le Monde reports(Opens in a new window) that the ransomware operators have demanded $10 million. Corse-Matin reports(Opens in a new window) that CHSF was attacked using the LockBit 3.0 ransomware-as-a-service which, as BleepingComputer notes(Opens in a new window), violates LockBit's rules stating that healthcare providers are off limits.

Sophos reported(Opens in a new window) in June that ransomware attacks targeting the healthcare industry nearly doubled from 2020 to 2021. The company also said healthcare providers are more likely to pay a ransom than other companies even though very few of them can restore all their data afterwards.

Healthcare providers can also take a long time to recover from these attacks, with Sophos reporting that "44% of healthcare organizations that suffered an attack in the last year took up to a week to recover from the most significant attack, whereas 25% of them took up to one month."

CHSF hasn't offered additional information about how it plans to respond to the attack.

Sign up for SecurityWatch newsletter for