Published on :
An investigation was opened in Paris after the massive hacking of medical data, the prosecution announced on Thursday. The confidential data of nearly 500,000 patients have leaked onto the Internet and continue to circulate on a forum, AFP noted.
Find the origin of the Internet leak of the medical files of nearly 500,000 people. This is the mission of the cybercrime section of the Paris prosecutor’s office, which opened an investigation into this massive piracy on Wednesday February 24.
The investigation, entrusted to the Central Office for the Fight against Crime Related to Information and Communication Technologies (OCLCTIC), was opened by the head of “fraudulent access and maintenance in an automated data processing system “and” extraction, possession and fraudulent transmission “of this data, said the park, Thursday, February 25.
AFP observed that a file comprising 491,840 names, associated with contact details (postal address, telephone, email) and a social security registration number, circulated freely on at least one forum referenced by search engines. research.
These names are sometimes accompanied by indications on the blood group, the attending physician or the mutual, or comments on the state of health (including a possible pregnancy), drug treatments or pathologies (in particular HIV).
According to the Checknews verification section of the daily Liberation which investigated the subject, the data would come from around thirty medical biology laboratories, located mainly in the north-western quarter of France, and correspond to samples taken between 2015 and October 2020.
A hack reported as early as November 2020
The Directorate General of Health told AFP on Wednesday that this leak was also the subject of investigations by “the National Agency for the Security of Information Systems (Anssi), the Ministry of Solidarity and Health, in connection with the Cnil and the software publisher, of which it is suspected that old installations of its laboratory management solution are involved “.
Anssi had previously told AFP that he had identified the “origin” of the health data leak and reported it to the Ministry of Solidarity and Health in November 2020.
According to Damien Bancal, a specialist journalist who first made the leak public on February 14 on his blog Zataz, this file was the subject of commercial negotiations between several hackers on a Telegram group specializing in the exchange of stolen databases .
One of them posted it on the web after an argument. This massive medical data leak comes against a backdrop of cyber attacks increasingly targeting healthcare establishments.
These hospitals, laboratories or platforms, which manage sensitive data, have become privileged targets since the health crisis.
President Emmanuel Macron presented on February 18 a plan of one billion euros intended to strengthen their cybersecurity.