The André-Mignot teaching hospital in the suburbs of Paris had to shut down its phone and computer systems because of a ransomware attack that occurred on Saturday evening.
According to Richard Delepierre, the co-chairman of the hospital’s supervisory board, the attackers behind this ransomware incident have already demanded a ransom.
“A ransom, the amount of which I do not know, has been requested but we do not intend to pay it,” Delepierre said per an RFI report.
Currently, the hospital only accepts walk-ins and consultations as it had to partially cancel operations. It was also forced to transfer six patients from its neonatal and intensive care units to other healthcare facilities, according to France’s Minister of Health and Prevention François Braun.
“Taking the health of the French hostage is inadmissible. I was this evening with @jnbarrot with the teams of the André-Mignot hospital, victim of a cyberattack,” Braun said on Sunday.
“All our means are deployed alongside the professionals mobilized to ensure the care of patients.”
The Ile-de-France Regional Health Agency (ARS) advised patients with already scheduled consultations or planned interventions (e.g., surgery, chemotherapy, radiotherapy) to reach out to their doctor or the department they were assigned, who will redirect them to an available treatment unit.
L’hôpital Mignot au Chesnay est victime d’une cyberattaque d’ampleur. Honte aux criminels qui s’en prennent aux plus fragiles. J’irai ce midi témoigner du soutien du gouvernement aux équipes mobilisées pour assurer la prise en charge des patients.@FrcsBraun
— Jean-Noël Barrot (@jnbarrot) December 4, 2022
Jean-Noël Barrot, the Minister Delegate in charge of Digital Transition and Telecommunications, said the hospital immediately isolated the infected systems to limit the spread of the malware to additional devices and alerted the French National Authority for Security and Defense of Information Systems (ANSSI).
The cyberattack is now being investigated by ANSSI and the Paris prosecutor’s office, which has also opened a preliminary investigation into hacking state data and attempted extortion after the André-Mignot hospital filed a formal complaint on Sunday.
“To date, no other health facility in the region has been impacted by this cyberattack on which investigations are continuing by the National Authority for Security and Defense of Information Systems (ANSSI),” ARS added.
While the ransomware operation behind the attack on the André-Mignot hospital remains unknown, multiple gangs are known for targeting healthcare organizations.
U.S. federal authorities have previously warned of threat actors deploying Maui and Zeppelin ransomware payloads in attacks against Healthcare and Public Health (HPH) organizations.
Another joint advisory warned in October that a cybercrime group known as Daixin Team was targeting the HPH sector in ongoing ransomware attacks.
In November, the U.S. Department of Health and Human Services (HHS) also alerted the country’s healthcare organizations that they’re being targeted in Venus ransomware attacks known to have made dozens of victims worldwide since mid-August 2022.
The FBI said the notorious Hive ransomware gang also attacks healthcare entities and estimated the group collected roughly $100 million from its victims since June 2021.