French hospital complex suspends operations, transfers patients after ransomware attack
A hospital complex in France has suspended medical operations and transferred six patients following a ransomware attack this weekend.
France’s health ministry said that the Hospital Centre of Versailles – a complex including two hospitals and a retirement home – was currently entirely without any computer systems.
Three of the transferred patients were in intensive care and three others were from its neonatal unit. Francois Braun, the country’s health minister, warned on Sunday that more patients may need to be transferred to other facilities following the attack, which has led to a “total reorganization of the hospital.”
In a tweet in French, the minister said: “Taking hostage the health of the French people is unacceptable… All of our means are being deployed alongside the professionals mobilized to ensure care of patients.”
Prendre en otage la santé des Français est inadmissible. J’étais ce soir avec @jnbarrot auprès des équipes de l’hôpital André-Mignot, victime d’une cyberattaque. Tous nous moyens sont déployés aux côtés des professionnels mobilisés pour assurer la prise en charge des patients. pic.twitter.com/pffcRJh8q5— François Braun (@FrcsBraun) December 4, 2022
Critical machines in the hospital’s intensive care unit are still functioning but the hospital’s internal network is down, meaning that staff are spread thin without the ability to monitor them individually.
Prosecutors in Paris have opened a preliminary investigation into what was described as an attempted extortion.
Braun said that there have been “daily attacks” against healthcare providers in France for several months, including the Hospital Centre of Versailles, although the “vast majority” of these attacks are prevented.
In August, another hospital on the outskirts of Paris, the Center Hospitalier Sud Francilien, was hit by a ransomware attack which took several weeks to recover from.
Sensitive data from staff and patients was posted to the attackers’ extortion site. French police named the LockBit ransomware group as the culprits behind the attack.
The Record has contacted the Health Ministry, as well as France’s national cybersecurity agency, Agence nationale de la sécurité des systèmes d’information (ANSSI), for comment.
The attack follows the head of ANSSI, Guillaume Poupard, announcing that he would be leaving his post after eight years and nine months.
Alexander Martin is the UK Editor for Recorded Future News. He was previously a technology reporter for Sky News and is also a fellow at the European Cyber Conflict Research Initiative.