Hacker offers to sell data of 750K patients of unnamed French hospital
Learn More
A major data breach has occurred at an unnamed French hospital, exposing sensitive medical records of 750,000 patients. The incident was published by a threat actor known as 'nears' (previously near2tlg), who claims to have gained unauthorized access to multiple healthcare facilities in France through compromised MediBoard accounts, a medical records platform provided by Softway Medical Group.
The attack, detected on November 19, 2024, occurred through the compromise of a privileged account within the hospital's infrastructure. Softway Medical Group has confirmed the breach but emphasized that the exposed data was hosted by the hospital rather than directly managed by them. The company stated that the breach was not due to a software vulnerability or misconfiguration, but rather resulted from the exploitation of stolen credentials and standard software functions.
The threat actor has claimed access to over 1.5 million patient records and is attempting to sell access to MediBoard platforms for multiple French hospitals, including:
- Centre Luxembourg,
- Clinique Alleray-Labrouste,
- Clinique Jean d'Arc,
- Clinique Saint-Isabelle,
- Hôpital Privé de Thiais
As proof of their access, they have listed for sale the records of 758,912 patients from one unnamed French hospital. Exposed data types:
- Full names
- Dates of birth
- Gender information
- Home addresses
- Phone numbers
- Email addresses
- Physician details
- Prescriptions
- Health card history
The data is currently being offered for sale to three potential buyers, though no purchases have been reported yet. Security experts warn that even if the data isn't sold, it could potentially be leaked online for free, making it available to the broader cybercrime community.
