The mines were a bit tired this Friday in the meeting room of the Rennes University Hospital. Since the detection of the cyberattack suffered by the establishment on Wednesday afternoon, the management of the hospital has spent most of its time in meetings. Objective: to understand what led to the hacking of the CHU’s computer system, analyze the damage and do everything to repair it as quickly as possible. The director hammered it for an hour: “All consultations are maintained. There has been no impact on patient care and there will not be. Our care missions continue,” assures Véronique Anatole-Touzet.
The director of the CHU confirmed the data leak but could not quantify it. “We do not know if any data concerning our patients has leaked. It is also not known if data concerning our personnel has leaked. We don’t know the extent of the leak,” admits the director.
The alert was given around 4 p.m. Wednesday. According to the establishment’s director of digital services, it was the software agents located in the thousand servers used by the CHU that gave the alert to Orange Cyberdefense services. “A suspicious activity was detected showing abnormal exchanges of data”, says Christine Pichon.
“Not a big impact on the activity” of caregivers
Quickly, all the Internet connections connecting the 7,000 computers of the establishment were interrupted, limiting the leak of data. No ransom has yet been claimed and the origin of the attack has not been identified. “We have strong presumptions that it is of an external origin via one of our service providers”, explains Véronique Anatole-Touzet. It is through this flaw that the hackers would have pierced the CHU network.
The management ensures that it was “prepared” for such an incident and that its services reacted perfectly. The “breakage” thus seems less severe than at the University Hospital of Brest, victim of a cyberattack this year. “We have already been able to collect incoming email flows. Our internal messaging is working and the caregivers that I have been able to meet have not told me of a big impact on their activity, ”assures Dr Abel Mamar, who has taken over the management of the crisis unit.
The cyberattack still has some consequences on the daily lives of staff and patients. Payment by credit card is not possible, the website is down and making appointments via the usual portal and via Doctolib is now impossible. “We know it will be long, probably several weeks. But we are perfectly supported by ANSSI [Agence nationale de la sécurité des systèmes d’information] who helps us and carries out technical investigations”. A complaint has been filed and will be investigated by the specialized Paris prosecutor’s office. A report to the CNIL was also made.