DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

FR: Mutuelle Nationale des Hospitaliers et des professionnels de la santé et du social (MNH) discloses cyberattack

Posted on February 9, 2021 by Dissent

(translation of statement on their web site):

The MNH has been undergoing a cyber attack since Friday, February 5, 2021 . Computer systems have been disconnected for security reasons.

Our websites (mnh.fr, members’ area, corresponding and elected extranets) as well as our telephone platform (3031) are temporarily unavailable. The processing times for your requests are extended.

Believe that we are well aware of the inconvenience caused. Our teams are working to restore services as quickly as possible.

We are committed to communicating in complete transparency on the evolution of the situation on our website mnh.fr

Gérard Vuidepot, Chairman and Médéric Monestier, Chief Executive Officer

LeMagIT adds some speculation as to how the attackers gained a foothold (translation):

The mutual’s email is protected by Proofpoint, which suggests that the attack did not come that way.  But data from the specialized search engine  Onyphe points to  a Citrix / Netscaler Gateway system that was affected by the CVE-2019-19781 vulnerability, known as  Shitrix, until January 15, 2020.

Such a vulnerability may have been exploited to position a bridgehead that will have been exploited much later.  The example of Dassault Falcon Jet tends to illustrate this, at least if we are to believe the  assertions of the attackers. Last December, they told us they had exploited a system that was still affected by the Shitrix vulnerability at the end of March 2020. But they would not have fully taken advantage of it until around June, three months after having established a head of the bridge.

LeMagIT also notes that polling firm BVA was also hit with ransomware.

h/t, @Chum1ng0

Update:  BleepingComputer reports that the MNH attack was by the RansomExx threat actor(s).

Category: Breach Incidents

Post navigation

← NC: Stolen Chatham county data posted online after cyber incident, includes personnel files, other sensitive documents
University of Colorado responds to Accellion breach →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Rewards for Justice offers $10M reward for info on RedLine developer or RedLine’s use by foreign governments
  • New evidence links long-running hacking group to Indian government
  • Zaporizhzhia Cyber ​​Police Exposes Hacker Who Caused Millions in Losses to Victims by Mining Cryptocurrency
  • Germany fines Vodafone $51 million for privacy, security breaches
  • Google: Hackers target Salesforce accounts in data extortion attacks
  • The US Grid Attack Looming on the Horizon
  • US govt login portal could be one cyberattack away from collapse, say auditors
  • Two Men Sentenced to Prison for Aggravated Identity Theft and Computer Hacking Crimes
  • 100,000 UK taxpayer accounts hit in £47m phishing attack on HMRC
  • CISA Alert: Updated Guidance on Play Ransomware

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • How the FBI Sought a Warrant to Search Instagram of Columbia Student Protesters
  • Germany fines Vodafone $51 million for privacy, security breaches
  • Malaysia enacts data sharing rules for public sector
  • U.S. Enacts Take It Down Act
  • 23andMe Bankruptcy Judge Ponders Trump Bill’s Injunction Impact
  • Hell No: The ODNI Wants to Make it Easier for the Government to Buy Your Data Without Warrant
  • US State Dept. says silence or anonymity on social media is suspicious

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.