840-bed hospital in France postpones procedures after cyberattack

The Hospital Simone Veil in Cannes (CHC-SV) has announced that it was targeted by a cyberattack on Tuesday morning, severely impacting its operations and forcing staff to go back to pen and paper.

CHC-SV is an important medical establishment in France, particularly in the region of Cannes, offering a broad range of medical specialties through 2,100 employees, including 230 doctors.

With a capacity of 869 beds, it handles 150,000 outpatient and 50,000 emergency room visits, performs 9,000 surgeries, and assists in 1,500 births annually.

The Hospital announced that it was forced to take all computers offline earlier this week due to a cyberattack, leaving only telephone systems available for communication.

The facility didn't disclose many details about the attack but said it has received no ransom demands by cybercriminals yet.

"The cyberattack is currently being analyzed with the help of expert partners (ANSSI, Cert Santé, Orange CyberDefense, GHT06)," reads the announcement.

"So far, there has been no demand for ransom nor any data theft identified. Investigations are ongoing."

Emergency, medicine, surgery, obstetrics, geriatrics, pediatrics, psychiatry, home hospitalization, and rehabilitation units continue to operate. However, all data handling has fallen to "pen and paper" practices, and some patients are being diverted to other hospitals nearby on a per-case basis.

Unfortunately, roughly 30% of all non-urgent surgical procedures scheduled for this week have been canceled due to the cyberattack, and many non-urgent consultations were rescheduled for later.

Consultations that do not require computers for logging or accessing historical data and test results will be held as usual.

"CHC-SV had never before been the victim of a cyberattack of this kind," commented the hospital administration in the announcement, adding that cyber-exercises held in recent months played a crucial role in managing to contain the damage and mitigating the impact of the incident.

The priority of CHC-SV right now is to restart patient care systems that contain test results and patient records. However, the Hospital noted that this depends on the progress of the technical investigations, which could take a long time.

By the time of writing this, no major ransomware or extortion groups have claimed responsibility for the attack at CHC-SV.

If the attack is the work of such a threat group, it would typically also involve the theft of sensitive patient data potentially impacting a large number of people in France.