French cybercrime investigators said Thursday that they were investigating leaks of medical information from nearly half a million people, including such highly confidential information as their HIV and fertility status.
The leak of data, which is believed to have been stolen by hackers, was discovered by Zataz cybersecurity blog, which came across the document on the encrypted messaging system Telegram in a group used for illegal trade in stolen databases. It was later made freely available on the web.
AFP has confirmed the existence of the leaked file, which contains 491840 patient names, along with their address, telephone number, e-mail address and social security number and in some cases their blood type.
The file also contains highly confidential information about some of patients’ health, including pregnancies or fertility problems, underlying conditions such as HIV and prescription drugs.
The Paris prosecutor’s office responsible for investigating cybercrime told AFP that it had launched an investigation into the leak on Wednesday.
The investigation into “fraudulent access to and maintenance of an automated data processing system” and “fraudulent extraction, storage and sharing” of the data, prosecutors said.
The newspaper Liberation reported that the file was based on data from tests carried out between 2015 and October 2020 in about 30 clinic laboratories, mostly located in northwestern France.
>> Look: French hospitals hit by cyberattacks with ransomware
The Zataz journalist, who revealed the leak, claimed that the file had been published after hackers fell over the terms of the sale of the document.
Hospitals, laboratories and medical websites are a growing target for cyber attacks.
President Emmanuel Macron previously announced a € 1 billion ($ 1.2 billion) monthly program to combat cybercrime, including in the medical sector.