The Hôpital de Cannes – Simone Veil (CHC-SV) in France introduced it acquired a ransom demand from the Lockbit 3.0 ransomware gang, saying they refuse to pay the ransom.
On April 17, the 840-bed hospital introduced a extreme operational disruption brought on by a cyberattack that pressured it to take all computer systems offline and reschedule non-emergency procedures and appointments.
Yesterday, the institution introduced on X that it has acquired a ransom demand by the Lockbit 3.0 ransomware operation, which it forwarded to the Gendarmerie and the Nationwide Company for Data Programs Safety (ANSSI).
On the similar time, the LockBit ransomware group added CHC-SV on their extortion portal on the darkweb, threatening to leak the primary pattern pack of information stolen through the assault by the top of the day.
The healthcare group tweeted that they won’t pay the ransom and promised to tell impacted people if the menace actors start leaking knowledge.
“In the event of a data release potentially belonging to the hospital, we will communicate to our patients and stakeholders, after a detailed review of the files that may have been exfiltrated, about the nature of the stolen information.”
In the meantime, the hospital’s IT employees are nonetheless preventing to convey impacted techniques again to regular operational standing, as inner investigations on the incident stay ongoing.
Damage however nonetheless ruthless
FBI’s disruption of the LockBit ransomware-as-a-service operation by way of ‘Operation Cronos’ and the simultaneous launch of a decryptor in mid February 2024, have had an antagonistic influence on the menace group.
Associates have misplaced their belief within the challenge, and a few members opted to put low in worry of identification and prosecution.
Regardless of the disruption, the ransomware challenge carried out a restart solely per week later, establishing new knowledge leak websites and utilizing up to date encryptors and ransom notes.
LockBit’s coverage about assaults on healthcare suppliers has all the time been muddy at finest, with the group’s leaders not implementing the declared restrictions on associates performing assaults that impacted affected person care.
The assault on CHC-SV acts as a affirmation of the menace group’s full disregard for the delicate matter of avoiding disruption of healthcare providers.