They have based their sinister reputation on targeting the world of health.
After publicly admitting on its official website to be the victim of a cyber attack since Friday, the National Hospital Mutual Fund (MNH) has confirmed to be the target of an extortion operation by the ransomware group RansomExx.
"Our entire computer system has been cut since the detection of the attack on Friday, we are working day and night with a company specializing in finding and cleaning up viruses and seeing the extent of the damage", explains the mutual insurance company which covers in particular the personnel of the 'AP-HP and caregivers on the front lines in the fight against Covid-19.
The 700 employees of this Montargis (Loiret) company no longer have access to their workstations until the full inventory has been completed.
The processing of files will therefore be seriously delayed.
Unconfirmed data theft
A ransom demand has been received but the MNH ensures that "no data theft has been proven so far".
As a large mutual, valuable personal data of its 600,000 members, in particular Social Security numbers, pass through its services.
The CNIL has been made aware of a potential data breach, as required by law.
In its demand for the attack on the DarkWeb, the RansomExx group asks to negotiate "only with the person in charge of the whole company, otherwise the amount of the ransom will increase".
Cyber attackers also stipulate that the victim should not contact the police.
According to our information, the MNH has lodged a complaint.
Active since 2018, Defray777 ransomware has seen an upturn in activity since June 2020 after changing its name to RansomExx or RansomX.
They are now attacking large structures such as the Brazilian government networks, the transportation authorities of Texas or Montreal and several hospital administrations.