FRANCE — A hospital in Versailles, near Paris had to cancel operations and transfer some patients after being hit by a cyberattack over the weekend, France’s health ministry has said.
Six patients had been transferred by Saturday evening — three from intensive care and three from the neonatal unit — said the minister, Francois Braun, as he visited the hospital. Others might follow, he added.
The regional health agency (ARS) said the hospital had canceled operations but was doing everything possible to keep walk-in services and consultations running.
Extra staff had to be called into the intensive care unit because, while the machines there were still functioning, more people were needed to watch the screens as they were no longer working as part of a network, aid Braun.
The cyberattack had led to a “total reorganization of the hospital” the minister added.
The Paris prosecutor’s office has opened a preliminary investigation into hacking state data and attempted extortion after the hospital filed a formal complaint Sunday.
For several months now, hospitals and health systems in France have been targeted by hackers for such cyber-attacks.
According to Braun, the same hospital had already seen off cyberattacks in recent months.
Hospitals under siege from cyberattacks
In August, the Center Hospitalier Sud Francilien (CHSF), a hospital southeast of Paris, suffered a ransomware attack, taking several weeks to get back to normal functioning.
The attack disrupted the emergency services and surgeries and forced the hospital to refer patients to other structures.
On that occasion, the attack was followed by a demand for US$10 million, subsequently lowered to US$1 or US$2 million.
The hackers set a September 23 deadline for the hospital to pay the ransom, after which they posted confidential data on patients and staff to the “dark web”.
The CHSF hospital in Essonne – which has a one-thousand-bed capacity to provide medical care for a population of nearly 600,000 inhabitants in the greater Paris area – triggered a so-called “white plan” emergency operation to ensure health services could be maintained.
The hospital said the attack rendered inaccessible “all the hospital’s business software, storage systems – particularly medical imaging – and the information system relating to patient admissions.”
Last April, the computer systems of nine hospitals in France’s Grand Est region were compromised by hackers and in March, a hospital in Ajaccio was also the victim of a ransomware cyberattack.
In 2021, hospitals in the Landes, Haute-Garonne, and Pyrénées-Atlantiques departments were also victims of cyber-attacks, disrupting or shutting down their IT services.
Farther East, India’s top medical institute came to a near-halt in November after a massive cyberattack derailed everyday work, appointments and registration, billing, patient care information, and lab reports.
The attack corrupted files and data on main and backup servers of the mega-hospital. Everything was moved to manual mode at the All India Institute of Medical Science (AIIMS) and the giant handling four million patients a year crawled on paper systems for over a week.
On Oct. 3, CommonSpirit Health was the victim of a cyberattack, which forced the health company to take certain computer systems offline “as a precautionary step,” the company stated shortly after learning of the incident.
While it is unclear whether patient health information was compromised, patients have reported how the cyberattack has affected their health care and treatments.