Personal data of 50,000 users stolen in alleged cyberattack on Asisa network of HLA Grupo hospitals in Spain

Image of a would-be cybercriminal.

Image of a would-be cybercriminal. Credit: Fam Veld/Shutterstock.com

Security alert in Spain after an alleged cyberattack on the HLA Grupo hospitals network of the Asisa health insurance company.

The health insurer Asisa insisted this Wednesday, March 15 that it could have been the victim of a data hacking in its hospital network. This was reported by one of the users of HLA Grupo Hospitalario, who claimed to have been the victim of a cyber-attack which resulted in patient and healthcare data being leaked.

According to the user, his data – and one of the e-mails he sent to one of the group’s hospitals – have since been disseminated on an internet forum. A hacker on the forum claimed to have extracted 45,000 records of people with their names and surnames, telephone numbers, e-mail addresses and their communications from the network, some of them apparently dating back to last October.

In addition, the hackers also allegedly stole personal information on 1,600 doctors and healthcare professionals. This included their names, specialities, hospitals and codes, contact telephone numbers, and ID and NIF numbers.

The whistleblower claims that for the moment the hacker had only published a testimonial sample of them in this forum on March 14. They revealed the details of barely a dozen people. According to the hacker though, the breach affected at least 50,000 people.

Consulted by the Cronica Global news outlet, sources at Asisa assured that they had activated a security alert and were studying the matter. They could not confirm the data theft, nor its alleged scope. The company assured that it was working on reinforcing its security.

HLA Grupo Hospitalario is part of the Asisa network with 18 hospitals and 17 medical centres. They are located in Barcelona, Lleida, Madrid, Zaragoza, Albacete, Alicante, Murcia, Almeria, Guadalajara, Huelva, Cadiz, Granada, and Malaga.

As its website explains, Asisa is a leading healthcare company in Spain owned by the Lavinia doctors’ cooperative, with entirely Spanish capital and national scope. In 2016, it announced the creation of HLA as the first hospital group with entirely Spanish capital, with a turnover that year of close to €300 million.

This alleged breach of security follows last week’s ransomware attack on Barcelona’s Hospital Clinic. A group of cyber criminals subsequently demanded €4.2m ($4.5m) from the government in Catalonia to prevent them from publishing online or reselling the data that it stole. The government insisted it would not pay ‘one cent’ to the hackers.

___________________________________________________________

Thank you for taking the time to read this article. Do remember to come back and check The Euro Weekly News website for all your up-to-date local and international news stories and remember, you can also follow us on Facebook and Instagram.

Written by

Chris King

Originally from Wales, Chris spent years on the Costa del Sol before moving to the Algarve where he is a web reporter for The Euro Weekly News covering international and Spanish national news. Got a news story you want to share? Then get in touch at editorial@euroweeklynews.com

Comments