The Consorcio Sanitari Integral (CSI), mainly participated by the Generalitat, has admitted that this week’s cyberattack on three Catalan hospitals not only has it caused the temporary loss of access to user information, which is in the process of being recovered, but has even seen data confidentiality compromised.
This has been said in a statement by the CSI, which has reported that from the first moment the situation has been reported to the Catalan Data Protection Authority (APDCAT) and the Cybersecurity Agency of Catalonia of the incident suffered and the actions that are being carried out. They have also stated that “work is being done jointly with these organizations to define its scope and adopt the appropriate measures“.
The CSI claims to have taken the “timely corrective measures” to solve the problem: restore the system with a cloud backup servicemeasures to avoid impersonation of users of corporate information systems or activate the contingency plan to maintain care activity.
Once the leak of “a small volume of data” has been confirmed, the Cybersecurity Agency analyzes the situation and “professionals are advised to pay special attention before possible information that may arrive by email or mobile terminals, to avoid eventual impersonations”.
Related news
“The CSI will exercise all legal actions available to you regarding to those responsible for any misuse or disclosure of information that goes against the confidentiality of the affected information”, warned the Health Consortium in its note referring to the authors of the cyberattack on thirteen Catalan health centers, including three large hospitals .
The Ara newspaper has encrypted the data that has been leaked at 52 gigabytes, and affirms that behind the attack is one of the largest groups of cybercriminals, Gold Dupont, who accessed it through the RansomExx malware.