A massive cyberattack has rocked France’s healthcare system, exposing the sensitive medical records of over 750,000 patients from an unnamed hospital, with claims of similar breaches at several others, including Centre Luxembourg, Clinique Alleray-Labrouste, Clinique Jean d’Arc, Clinique Saint-Isabelle, and Hôpital Privé de Thiais.
The compromised records reportedly include highly sensitive personal and medical information such as names, dates of birth, contact details, physician information, prescription history, and health card details.
The individual behind the attack, known online as ‘nears’ (formerly ‘near2tlg’), claims to have targeted multiple healthcare facilities across France, asserting that they hold patient data for over 1.5 million individuals.
The hacker alleges they breached MediBoard, an EPR platform developed by Softway Medical Group, which serves healthcare providers across Europe.
Softway Medical Group confirmed the breach but stressed that it was not caused by any software flaw or misconfiguration within its systems. Instead, the attack exploited stolen credentials from a privileged user within the affected hospital’s infrastructure.
The company clarified that the hospital hosted and managed the exposed data, not directly by Softway Medical Group.
“We can confirm that our software is not responsible, but rather, a privileged account within the client’s infrastructure was compromised by an individual who exploited the standard functions of the solution,” the company told BleepingComputer.
The hacker’ nears’ has also put these records up for sale, targeting three potential buyers. If sold, the data could be weaponised for phishing, fraud, and identity theft. Even more concerning is the possibility that the information could be leaked online, making it accessible to cybercriminals’ networks globally.
The attacker alleges that this access would allow buyers to view confidential healthcare and billing information, manipulate appointments, and alter medical records, raising alarms about potential threats to patient safety.
The cyber attacker alleges that this access would allow buyers to view confidential healthcare and billing information, manipulate appointments, and alter medical records, raising alarms about potential threats to patient safety.
Cybercrooks have been increasingly targeting the healthcare industry. Last month, a report detailed how ransomware attacks have increased 300% in the United States since 2015. In the same month, the Change Healthcare hack exposed the data of around 100 million American citizens.
In India, the Star Health insurance provider confirmed a data breach involving more than 7.24 TB of data. Similarly, the Kootenai Health ransomware attack breached data of more than 460,000 customers.
In April 2024, UnitedHealth confirmed a data breach at Change Healthcare, impacting millions.
In the News:U.S. charges five Scattered Spider hackers in major cybercrime case