The IT department at the François Baclesse Center detected and blocked a computer virus of the "worm" type on April 21 at 9 p.m.
The purpose of this malware was:
- to retrieve data;
- to encrypt it so that it could no longer be read;
- to blackmail users into returning the data.
The Centre François Baclesse's Internet connection was cut off for 6 days to prevent the worm from escaping with data and spreading outside. Analysis showed that a third of the computer equipment had been affected.
For 6 days, the IT department carried out complete checks on our information system (servers and workstations), while protecting our external partners.
No data was lost, no data was stolen, no data was encrypted. All our care services have continued to operate normally, with no impact on patients (no rescheduling of appointments, no delays in treatment, etc.).
Fortunately, the Centre's IT department had already trained itself to deal with such situations. Following cyber attacks on other hospitals, the Centre François Baclesse had very recently made the choice, to invest heavily in IT security, for a total budget of €100,000. The security solution deployed in January 2021 enabled the malware to be quickly detected and contained.
The origin of the worm's appearance has been identified: it was a visit to a website from which the "PC 0" computer was infected. This security flaw has now been corrected. The situation is now healthy, and it is planned to further reinforce user vigilance through educational initiatives.
