Cyber Attacks and Data Breaches in Review: December 2022

Welcome to our latest monthly review of cyber attacks and data breaches. While we’re all eager to turn our attention to 2023 and declare “new year, new me”, we still have some unfinished business in the form of December’s cyber security activity.

We found 78 publicly disclosed security incidents during the month, which accounted for 31,586,757 million breached records.

As ever, you can find the full list of security incidents on our sister site. In this blog, we look at the most notable headlines across Europe.

Versailles hospital suspends operations amid cyber attack

The Andre-Mignot Hospital in Versailles was forced to suspend its operations after it suffered a cyber attack last month.

According to the regional health agency, the hospital’s telephone communications and Internet connectivity were both crippled, while it also lost access to its computer systems.

Meanwhile, six patients – from intensive care and the neonatal unit – had to be transferred to another facility in order to receive the necessary treatment.

France’s health minister, Francois Braun, who visited the hospital amid the disruption, said that the attack led to a “total reorganisation of the hospital”, as additional staff had to be called in to oversee operations in the intensive care unit.

In a tweet, Braun wrote (via machine translation): “Taking the health of the French hostage is unacceptable.

“I was this evening with [Minister for Digital Transition and Telecommunications Jean-Noël Barrot] with the teams at André-Mignot hospital. All our means are deployed alongside the professionals mobilized to ensure the care of patients.”

The incident has all the hallmarks of ransomware, and sure enough, a cyber crime gang soon demanded a payment for their attack.

Richard Delepierre, the co-chairman of the establishment’s supervisory board, told the press on Monday: “A ransom, the amount of which I do not know, has been requested but we do not intend to pay it.”

This is generally considered best practice when it comes to ransomware. Cyber security experts note that there is no guarantee that criminal hackers will keep their word once they have been paid and release the victim’s files. Moreover, paying up once makes the organisation vulnerable for future attacks.

Under French law, this isn’t simply advice: it is illegal for public establishments to pay ransomware demands.

That hasn’t stopped criminal gangs from targeting them, however. The Andre-Mignot Hospital is one of several healthcare facilities that fell victim to ransomware in 2022.

Dutch political party leaks personal data of its members

The Dutch political party Forum voor Democratie confirmed in December that it had accidentally leaked the names, addresses and bank account numbers of all 92,901 current and past members.

On its website, the party describes the incident as a “possible hostile attack” on its IT systems and said that it is considering pressing criminal charges once an investigation has been completed.

Although that suggests that the attack was the result of a complex intrusion into the site’s systems – perhaps as the result of a DDoS (distributed denial-of-service) attack or ransomware, the breach appears to be at least partially self-inflicted.

The damage stemmed from an IT failure in ForumApp, a system created by the party earlier in the month, which left sensitive information publicly available online.

It’s unclear how this could be considered “hostile”, or whether the leaked information has been used for malicious purposes. Nonetheless, anyone involved should be wary, because the compromised information is highly sensitive in nature.

Indeed, regardless of the financial records involved, the leak reveals that those affected are members of the Forum voor Democratie. Under the GDPR (General Data Protection Regulation), political party membership is considered highly sensitive data and is subject to additional protection.

Frederik Zuiderveen Borgesius, a professor of ICT & Law at Radboud University, described the data breach as “extremely shocking”.

“Such a large leak with political preferences has never happened before in the Netherlands. Your political preference is very sensitive and people can therefore be discriminated against. For example, at work, in your street or by your family. This applies not only to Forum, but also to other political parties.”

Are you prepared for a cyber attack?

If you’re facing a cyber security disaster, IT Governance is here to help.

Our Emergency Cyber Incident Response Service provides the support you need to deal with the incident, as our experts guide you through the recovery process.

They’ll review the breach, mitigate the damage and ensure that you are up and running again as soon as possible.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.