In a March 11 post about non-U.S. hospitals that had been victims of cyberattacks, DataBreaches had noted a report about CHU-BREST. Valéry Rieß-Marchive of LeMagIT has an update and more details on the incident.
The following uses machine translation from the original French:
During a press briefing, this Friday, March 24, the direction of the Brest CHRU explained that the reconnection to the Internet had started, the agents being able to send and receive e-mails again, in particular. After two weeks of operation in degraded mode. Story, from behind the scenes of the hospital’s information system, of what happened.
Read more on LeMagIT about how it started with a compromised user account and how quick actions by the CISO and team thwarted the attack before the attacker could escalate privileges.