Criminal steals data from more than 1.4 million patients in Paris hospitals

Intruders stole data from 1.4 million patients registered in the Paris Public Health System (AP-HP). All people who had their data exposed underwent the covid test-19 until mid- 19. Among the stolen information are the patients’ name, social security number (document equivalent to the CPF of Brazilians), contact information, in addition to the name and contact of the health professionals who attended them at the time.

  • Ransomware causes crash and death in hospital in Germany; attacks hit Brazil
  • Hospital on the coast of Santa Catarina suffers digital kidnapping attack
  • Hospital is processed by a patient who had data leaked in a ransomware attack

According to a statement issued by AP-HP, no other data has been stolen, already that the attack was directed at a system used only in September 2020 to transmit information to the French Tracking System of covid-19, SI-DEP, which was having problems at the time.

AP-HP said it has already removed access to the affected service, and that investigations to identify the origin and the way in which the invasion occurred have already started.

Want to catch up on the best tech news of the day? Go and subscribe to our new channel on youtube, Canaltech News.

Every day a summary of the main news in the tech world for you!

Virtual attacks on hospitals

Hospitals in France, as well as those around the world, have suffered more constant cyber attacks since the beginning of the pandemic. Here in Brazil, recently, Grupo Fleury suffered an invasion that made it impossible to perform exams for a few days.

A survey conducted by Check Point Software with the help of Helder Assis, privacy manager of data from ICTS Protiviti points out that there was a 45% increase in attacks on companies in the health sector in the world in the last year, with hospitals being the most targeted targets , on account of the personal and sensitive data present in the institutions’ databases, which, for criminals, can pay twice, with the ransom, in case of virtual kidnapping attacks (ransomware) and with the promise of non-disclosure of the information.

In addition, the health sector has only recently expanded its virtual security, which makes many criminals see it as an easier target to be invaded.

To help with protection, Helder Assis presented some tips for professional infrastructures:

  • Installing authenticates tion of two factors in the access to the company’s main systems, with special attention to remote access via virtual private networks (VPNs);
  • Use a detection and response solution Endpoint Threats (EDR), a cyber technology that continuously monitors and responds to mitigate cyber threats. In this case, it would be used to block ransomware and file encryption on servers, desktops and notebooks;
  • Perform periodic penetration tests to identify vulnerabilities and risks before attackers ;
  • Implement monitoring of security events through a Security Operations Center, a central platform for detecting and reacting to security incidents;
  • Carry out a permanent cycle of vulnerability management of the technological environment in order to identify, prioritize, remedy and retest.

Source: RFI

Did you like this article?

Subscribe your email on Canaltech to receive daily updates with the latest news from the world of technology.

2020 2020

2020

Related Articles

Back to top button