LockBit Allegedly Claims Cannes Hospital Cyberattack

The LockBit ransomware group has allegedly claimed responsibility for an earlier Cannes Hospital cyberattack impacting the Cannes Simone Veil Hospital Center (Centre Hospitalier de Cannes).

The Cannes Simone Veil Hospital Center, also known as the Broussailles Hospital, was named after former French health minister Simone Veil. The hospital offers patient facilities such as anesthesia, surgery, ENT, ophthalmology, dentistry, mental health, and senior care.

While the hospital was immediate in implementing stringent containment measures, ongoing investigations did not find evidence of data theft or direct ties to any threat actor groups.

Staff Forced to Degrade Services After Cannes Hospital Cyberattack

After the cyberattack, medical professionals were forced to switch to pen, paper, and manual processes to continue to provide essential healthcare services such as emergency care, surgery, obstetrics, and pediatrics to patients. Telephony services continue to work normally.

Even weeks after the attack, the site still maintains a notice of the cybersecurity attack. The notice reads that the hospital staff is investigating the cyberattack in conjunction with experts (ANSSI, Cert Santé, Orange CyberDéfense, GHT06).

Further, the notice stated that while the investigation remains ongoing, there have not yet been any ransom demands or identification of data theft operations.


Cybersecurity analyst Dominic Alvieri, on X(Twitter), shared an alleged LockBit claim of responsibility for the earlier incident.

(Source: Dominic Alvieri/ @AlvieriD /

If the claims are true, the Cannes Simone Veil Hospital Center would be one of the latest victims in a series of recent cyberattacks claimed by LockBit after the ransomware group’s operations were disrupted following joint-effort action from the FBI, NCA the UK, and the Europol.

LockBit Ransomware Group Apologised for Earlier Cyberattack on Children’s Hospital

Since healthcare targets remain a sensitive target for cyberattacks, many threat actor groups have made claims or suggested they would avoid such targets in their operations. During the Covid-19 pandemic, the Maze ransomware group announced that they would not target healthcare organizations.

Later the group was found to continue targeting healthcare units in its operations. Last year in January 2023, LockBit apologized for an attack on Toronto’s Hospital for Sick Children, blamed a partner for the attack, in its data leak site, claiming to have blocked the partner allegedly responsible for the attack, and offered code to restore the affected systems.

The cyberattack had significant consequences for the pediatric firm such as delayed lab and imaging results, shut down of phone lines, and the staff payroll system.

These incidents highlight that the healthcare system remains vulnerable to cyberattacks and can prove to have unwelcome effects on patient health, staff functioning, and morale.

Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button