Massive leak of medical data: judicial investigation opened in Paris

The cybercrime section of the Paris prosecutor's office on Wednesday opened an investigation after the leak on the internet of sensitive medical information from nearly 500,000 people in France, the prosecutor told AFP on Thursday. 

The investigation, entrusted to the Central Office for the Fight against Crime Related to Information and Communication Technologies (OCLCTIC), was opened by the head of "fraudulent access and maintenance in an automated data processing system "and" extraction, possession and fraudulent transmission "of this data, said the prosecution.

The data would come from around thirty laboratories 

AFP observed that a file comprising 491,840 names, associated with contact details (postal address, telephone, email) and a social security registration number, circulated freely on at least one forum referenced by search engines .

These names are sometimes accompanied by indications on the blood group, the attending physician or the mutual, or comments on the state of health (including a possible pregnancy), drug treatments or pathologies (in particular HIV). 

According to the Checknews verification section of the daily

which investigated the subject, the data would come from around thirty medical biology laboratories, located mainly in the north-western quarter of France, and correspond to samples taken between 2015 and October 2020. 

The file released after an argument between pirates?

The Directorate General of Health told AFP on Wednesday that this leak was also the subject of investigations by "the National Agency for the Security of Information Systems (Anssi), the Ministry of Solidarity and Health, in conjunction with the Cnil and the software publisher, with which it is suspected that old installations of its laboratory management solution are involved ".

Anssi had previously told AFP that he had identified the "origin" of the health data leak and reported it to the Ministry of Solidarity and Health in November 2020. 

According to Damien Bancal, a specialist journalist who first made the leak public on February 14 on his blog Zataz, this file was the subject of a commercial negotiation between several hackers on a Telegram group specializing in the exchange of stolen databases .

One of them posted it on the web after an argument.

This massive medical data leak occurs against a backdrop of cyber attacks increasingly targeting healthcare establishments.