A ransomware gang says it published information including medical test results and identity cards stolen from a Barcelona hospital system that serves more than 1 million patients each year.
RansomExx says a 52-gigabyte file published Tuesday on the dark web contains data taken from the Consorci Sanitari Integral, a public entity that provides medical and social services.
CSI says it is working alongside the Cybersecurity Agency of Catalonia and the Catalan Data Protection Authority to limit the scope of the breach.
The hospital system of more than 3,000 physicians and staff acknowledged a “compromise in data confidentiality.” It detected a ransomware attack during the early hours of Oct. 7, leading to three days of reduced functionality at the Barcelona hospitals Dos de Maig and Creu Roja de l’Hospitalet and the nearby Moisès Broggi facility in Sant Joan Despí. Also affected were 10 other health centers, the majority of them in the city’s southern suburbs.
