Strong cybercrime, with leaked medical data, seems to have occurred against him General Hospital of Athens "Laiko" by a group of hackers under the brand name AnonXPAnyone (Anons Expose Anyone). AnonXPAnyone, who very clearly embrace the Anonymous philosophy, posted a message on an unknown Anonymous communication website abroad announcing the attack and the reasons for it.
According EXCLUSIVE INFORMATION which were communicated to SecNews by email from an unknown sender, the supporters of <...>
Anonymous performed a high-complex online attack on the well-known hospital! In particular, the information indicates (and WE TRANSMIT WITH EACH PROTECTION) that hackers, for reasons that have not been clarified so far, have targeted and managed to bypass the security systems of the General Of the People's Hospital of Athens and gain access to sensitive (and possibly personal) data.
The People's Hospital is a tertiary hospital, which has a blend of University Clinics and Clinics of the NHS, which makes it unique. It is a hospital that is a special presence, with 70 action for some years, in the struggle to address the health problems in our country.
In the message they posted AnonXPAnyone, at the Anonymous Posting Point in Anonpaste.me report exactly the following:
«Greetings citizens of the world. We are anonymous. One of the largest Greek hospitals was our goal this week. We have evidence of doctors and patients. Phones, addresses, names, medical findings, prescriptions, access to the entire network of the hospital and much more material. We have access to government agencies around the world including Greece. There will be a time that we will post our targets to the media, to remind our brothers that we do not forget them. We stand by the side of Greek Anonymous and Greek people. Their corrupted governments since 1980 will fall like playing cards. Soon brothers and sisters, very soon.
Greetings to TeamPoison, AnonXPAnyone »
"We welcome the citizens of the world. We are Anonymous. One of the largest Greek hospitals was our target this week. We have proofs from doctors and patients. Phones, Addresses, Names, Medical findings, prescriptions, access to the hospital's internal network and more material. We have access to government agencies around the world, including Greece. There will be time to announce the goals to the media, to remind our brothers that we do not forget them. We support Hellenes Anonymous and Greek citizens. Corrupt governments from 1980 will fall as cards. So soon brothers and sisters, very soon.
We greet Teampoison, AnonXPAnyone »
EXCLUSIVE information provided by SecNews confirms that the attack was targeted and absolutely successful, as the goal was not simply the website of the People's Hospital (as hackers are used to) but the entire internal network of the hospital! The information that hackers have reported appears to have gained access in 190 (!) and more workstations and servers that meet the needs of the 32 units that the hospital unit is hosting !!!
Picture 1: Part of the internal network of the Laiki Hospital. It seems that hackers have access to HAIR, RADIOLOGY, PATIENT MOVEMENT and HAITIAL EXAMINATIONS.
The editorial team, after evaluating the data brought into consideration, considers the attack is extremely serious because of the amount of information that hackers seem to have at their disposal (part of which they have notified), as we have seen only one file (the list of the Medical Association of Athens) have full data 18.292 (!!!) registered physicians!
Image 2: Alphabetical list of names and phone numbers
Image 3: Doctor on call for January
Picture 4: Staff board
Image 5: Personnel list of other hospital health establishments.
As shown by its network security mechanisms Athenian General Hospitaln, have been vulnerable to attack by hackers, endangering any computer system connected to their network. This does not leave medical devices out of the box which may require a network connection for the operation or exchange of data between them. This means that if there are such devices in the GNA, then the luck of any patient is in the hands of hackers !!! It is definitely something that the responsible should investigate immediately, if there are medical machines inside the internal network!
Image 6: Personnel Board (Athens Medical Association)
Those responsible should take over their responsibilities once and for all, as with the fate of patients, serious questions arise as one finds regarding the safeguarding of the personal data of staff and hospital visitors / patients. Based on the data sent to SecNews (and of course we pass on every reservation because we can not confirm for ourselves their correctness before the formal response of the hospital) there is a high probability that the evidence of some thousands of people (doctors and patients) is now in the possession of hackers. The information that has been communicated is overly complete, including among others names, addresses, and even patient reports, perhaps in an unprecedented leak that has ever occurred in our country in the medical field !!!
Hackers have not only filed and attacked more than one system, but they seem to have been in possession of specialized software used by hospital staff, allowing them to manage remote patient affairs, access to reports , findings and the course of patients from the day they are introduced to Popular Hospital until the day they leave! We believe that with such access to hospital information systems, it is possible that test data or patient findings may be altered, something that will surely need to be investigated by the appropriate IT department if these data are kept within the hospital's internal network targeted by the intruders.
Image 7: Plenty of information in the possession of hackers
According to estimates by special and competent officials, the point of view sought by the Secnews editorial team, has a "scent" of espionage, and even a "high" level with support from third governments, since such capabilities can not be available as individual hackers have explained to us. It seems that malicious leased users or spies of foreign countries exploit the economic crisis and dissolution in all sectors in our country (and especially in the field of public health) for their own malicious purposes, sought to target this unit. In a previous article we had reported the relevant information about foreign hackers who are hired for businessmen against a fee.
Perhaps it should go beyond its activation Prosecution of Electronic Crime under the instructions of the internationally recognized Manos Sfakianakis, which has successfully investigated and resolved similar incidents of having to ALSO sensitize and organize other public services to the standards of the UN, especially those responsible for National Security and ensuring the confidentiality of communications and our personal data as citizens! It is evident, according to the above, that beyond the IAC, the majority of public sector services are sleeping "Sleeping right" with regard to the underlying cyber attacks or spying of data from governments that spur our country!
Corresponding attacks on hospitals have EVERYBODY in the past but it may be the first time that serious hackers are attacked while data is leaking to Greece. Indeed, according to studies abroad, the Medical Cybercrime (the so-called next big cyber-threat), as they call it, is known to flourish in gangs of countries in eastern Europe with multiple outbreaks against the western world who never see the light of publicity.
It is worth noting that many of the services that concern it General Athenian Hospital of Athens, hosted or extensively use its network backbone infrastructure University of Athens, with that implies.
SecNews is at the disposal of the relevant services of the People's Hospital if it is desirable to post a relevant press release on the occurrence of a violation for information and protection of the community or individuals whose personal data may be compromised by the violation.
Note SecNews: The editorial team has completely concealed personal data of nursing staff (where mentioned) to protect and protect the persons exposed by the attack.