Fraud Management & Cybercrime , Healthcare , Industry Specific
RansomExx Leaks 52GB of Barcelona Health Centers' Data
Consorci Sanitari Integral Says It Is Fully Recovered From Ransomware AttackA ransomware gang says it published information including medical test results and identity cards stolen from a Barcelona hospital system that serves more than 1 million patients each year.
See Also: The Healthcare CISO’s Guide to Medical IoT Security
RansomExx says a 52-gigabyte file published Tuesday on the dark web contains data taken from the Consorci Sanitari Integral, a public entity that provides medical and social services.
CSI says it is working alongside the Cybersecurity Agency of Catalonia and the Catalan Data Protection Authority to limit the scope of the breach.
The hospital system of more than 3,000 physicians and staff acknowledged a "compromise in data confidentiality." It detected a ransomware attack during the early hours of Oct. 7, leading to three days of reduced functionality at the Barcelona hospitals Dos de Maig and Creu Roja de l'Hospitalet and the nearby Moisès Broggi facility in Sant Joan Despí. Also affected were 10 other health centers, the majority of them in the city's southern suburbs.
Spanish newspaper El País reports that emergency services were unaffected but that medical equipment for specialist visits, including X-ray machines, were unavailable.
Catalonian public broadcaster Corporació Catalana de Mitjans Audiovisuals reported that staff at affected hospitals said they couldn't access computerized patient records, medication plans or diagnostic tests. The attack also affected the email service of healthcare workers.
CSI said on Tuesday it fully restored its systems using a backup copy from the cloud. Defenses including network segmentation and firewalls limited the attack's impact, it said.
Steps to restoration included updating more than 3,000 computers with new software and providing new computers for primary care centers.
On Sunday, the office of the president of the Government of Catalonia credited a speedy recovery already in process to a security plan developed two years earlier by the Cybersecurity Agency of Catalonia and the department of health.