A significant hospital data breach at an unnamed French hospital has exposed the private medical information of 750,000 patients.
The attack involved unauthorized access to the hospital’s electronic patient record system and highlights how vulnerable healthcare institutions are to cyberattacks. The threat actor, known as “nears” (formerly near2tlg), claims responsibility and alleges access to the records of over 1.5 million individuals across multiple French healthcare facilities. The breach underscores the critical need for enhanced cybersecurity measures within the healthcare sector.
The Breach and the Hacker’s Claims: A Deep Dive into the French Hospital Cyberattack
The cyberattack targeted the MediBoard system, an Electronic Patient Record (EPR) solution provided by Softway Medical Group, a company operating across Europe. “nears” claims to have breached the system, gaining access to sensitive patient data and subsequently offering this data for sale. This constitutes a serious hospital data breach with far-reaching consequences.
Softway Medical Group confirmed a compromised MediBoard account but insists the breach wasn’t due to software vulnerabilities or misconfigurations. Instead, they attribute the incident to the exploitation of stolen credentials belonging to the hospital itself.
As stated in a letter to French media, Softway Medical Group emphasized: “On November 19, 2024, a cyberattack was detected within a healthcare facility using the Mediboard software… We want to emphasize that the affected health data were not hosted by Softway Medical Group.”
The company further clarified that “a privileged account within the client’s infrastructure was compromised by an individual who exploited the standard functions of the solution,” ruling out software flaws or human error within their system.
The hacker’s claims extend beyond the 750,000 patient records from the unnamed hospital. “nears” also publicized the alleged compromise of several other French hospitals, including Centre Luxembourg, Clinique Alleray-Labrouste, Clinique Jean d’Arc, Clinique Saint-Isabelle, and Hôpital Privé de Thiais, suggesting access to their sensitive healthcare and billing data, patient records, and the ability to manipulate appointments and medical records.
To substantiate these claims, “nears” offered for sale a sample of 758,912 patient records from an unnamed hospital, further emphasizing the severity of this hospital data breach.
Impact of the French Hospital Data Breach: Exposed Sensitive Data
The compromised data allegedly includes highly sensitive personal information, such as:
- Full name
- Date of birth
- Gender
- Home address
- Phone number
- Email address
- Physician information
- Prescriptions
- Health card history
This extensive data exposure presents significant risks to the affected individuals. The potential for identity theft, phishing scams, social engineering attacks, and other forms of fraud is substantial. Even if the data remains unsold, the risk of its unauthorized release into the broader cybercrime community remains a serious concern.
The sheer volume of data compromised in this French hospital cyberattack puts it in line with other major hospital data breaches.
Responding to the French Hospital Cyberattack: Lessons Learned from this Hospital Data Breach
This incident serves as a stark reminder of the vulnerabilities within healthcare systems and the devastating consequences of data breaches. While Softway Medical Group maintains the breach stemmed from compromised credentials, the incident highlights the need for robust security protocols, including multi-factor authentication, regular security audits, employee training on cybersecurity best practices, and proactive monitoring for suspicious activity.
The scale of this hospital data breach necessitates a comprehensive review of security measures across all healthcare facilities, not just in France, but globally. The potential for exploitation of stolen credentials is a major concern, and organizations must prioritize the security of privileged accounts. This should serve as a wake-up call for improved security practices across the healthcare industry.