An information breach at an unnamed French hospital uncovered the medical information of 750,000 sufferers after a risk actor gained entry to its digital affected person file system.
A risk actor utilizing the nickname ‘nears’ (beforehand near2tlg)Â claimed to have attacked a number of healthcare amenities in France, alleging that they’ve entry to the affected person information of over 1,500,000 individuals.
The hacker claims they breached MediBoard by Software program Medical Group, an organization providing Digital Affected person Document (EPR) options throughout Europe.
Softway Medical Group has confirmed that hackers have compromised a MediBoard account. Nonetheless, it famous that this was not the results of a software program vulnerability or misconfiguration on their half, however quite by means of using stolen credentials utilized by the hospital.
In a letter despatched to French media and shared with BleepingComputer by LeMagIT’s editor-in-chief, Valéry Rieß-Marchive, Softway Medical Group says the uncovered information was circuitously managed by them, however quite hosted by the hospital.
“On November 19, 2024, a cyberattack was detected within a healthcare facility using the Mediboard software,” reads the machine-translated e mail.
“We want to emphasize that the affected health data were not hosted by Softway Medical Group.”
BleepingComputer contacted Softway Medical Group for clarifications on which account and at what stage was compromised, and a spokesperson shared the next assertion:
“We can confirm that our software is not responsible, but rather, a privileged account within the client’s infrastructure was compromised by an individual who exploited the standard functions of the solution,” the Softway Medical Group instructed BleepingComputer.
“This hypothesis has been substantiated. It is therefore neither due to improper implementation of the software nor human error.”
Promoting entry to hospitals
This all unfolded after the risk actor started promoting what they claimed was entry to the MediBoard platform for a number of French hospitals, together with Centre Luxembourg, Clinique Alleray-Labrouste, Clinique Jean d’Arc, Clinique Saint-Isabelle, and Hôpital Privé de Thiais.
This entry allegedly would let the customer view the hospitals’ delicate healthcare and billing data, affected person information, and the flexibility to schedule and modify appointments or medical information.
To show that they gained entry to the MediBoard accounts, the hacker additionally put the information of 758,912 sufferers from an unnamed French hospital up on the market.
These information allegedly include the next data:
- Full identify
- Date of delivery
- Gender
- Residence handle
- Telephone quantity
- Electronic mail handle
- Doctor
- Prescriptions
- Well being card historical past
The information was supplied for buy to a few customers, and at present, no patrons have been declared on the sale itemizing.
Even when the info is not offered, there’s at all times a danger of being leaked on-line free of charge, making it out there to the broader cybercrime neighborhood.
The kind of information uncovered on this incident raises the chance of phishing, scamming, and social engineering for impacted individuals.
