On July 4, the Luigi Vanvitelli hospital in Italy posted a notice on its homepage that it had been the victim of a ransomware attack on July 1 and was investigating it. There has been no update since then.
Italy24 reports, in part:
Apparently, cybercriminals have stolen the e-mail passwords of university professors, doctors, managers and many employees. Therefore it emerges as a further “significant incident” to an Italian hospital.
The Vanvitelli company confirmed that the attack took place on July 1 and is currently evaluating the extent of the incident and the nature of the data breach. A computer blackout has occurred which has prevented access to the Internet on computers and has caused the blockage of assistance activities at the Policlinico in Piazza Miraglia.
On July 5, Italian Post reported that the threat actors could be part of a group of Chinese hackers. The suggestion apparently relied on the type of email address provided by the attacker to the hospital to contact the attacker for negotiations.
A spokesperson for the hospital also stated that the attack mostly affected software used in analysis laboratories. “This does not mean that the analysis laboratories are at a standstill, but,” she underlines, “at the moment they are proceeding at a very low speed, in a pseudo manual”.
As of July 6, the National Cybersecurity Agency (ACN) had reportedly provided experts to assist the hospital in assessing the scope of the attack and restoring affected systems.
The hospital has not released any information on the attackers or any ransom demand that DataBreaches could find.