A former IT security manager for the Hospi Grand Ouest group was arrested and referred to the Paris judicial court on December 19, the national gendarmerie announced on Monday. He is suspected of being the author of the massive cyberattack which paralyzed several private establishments of the mutual group in Brittany and Pays-de-la-Loire between October 2 and 4, 2024.
The large-scale “DDOS-type” attack mainly affected the La Sagesse mutual clinic in Rennes, leading to the postponement of several surgical interventions and forcing the establishment to operate in degraded mode. The author of the hack had “demanded a ransom of $650,741 to unblock the systems” but the rapid technical investigation had made it possible “to put an end to this threat”, specifies the gendarmerie.
The hacker unmasked by his IP address
The investigations carried out by the Center for the Fight against Digital Crime and its Rennes branch made it possible to highlight indications of internal compromise. The search quickly turned to a former head of security for the group's information systems. “Key technical elements, including the IP address of the suspect, made it possible to identify him as being at the origin of the attack,” indicates the gendarmerie.
The suspect was arrested at his home by the gendarmerie on December 17, 2024. Several computer equipment was seized on site for analysis. Referred on December 19, 2024, he will appear before the Paris court on February 6, 2025.
News
France