In a major cyber attack on thousands of healthcare laboratories, confidential medical records on nearly 500,000 patients in France were stolen, landing online after an alleged conflict between hackers, according to media reports.
According to French cybersecurity journalist Damien Bancal, who runs the Zataz site, a file containing names and contact information for 491,840 individuals has been making the rounds online since at least earlier this month. The details includes home addresses, telephone numbers, emails, social security numbers and other personal information that is subject to drugs, pregnancy and HIV diseases.
Although Bancal first acknowledged the hack in a blog post on February 14, AFP and the French daily Liberation followed up more recently, with the latter finding that the information was likely stolen from about 30 medical laboratories located around northwestern France.
“We can find this file in seven different places on the internet,” Bancal told AFP on Tuesday, adding that although hackers initially negotiated for the data through a Telegram chat, the stolen material was later released for free after a dispute among the blackhatters.
Although the requests for comments from AFP to the French authorities have so far gone unanswered, Bancal noted that the CERT cyber crime department of the country seems to have recognized the infringement earlier this month. The outfit posted a notice to the French Ministry of Health’s website warning that on February 4, login credentials for up to 50,000 “hospital center agents” were swiped and placed up for sale, adding that while “it is difficult to describe the origin of this leak precisely,” it may allow hackers to access healthcare networks.
Bancal also reports that one of the individuals still trying to sell the purloined documents via the online blackmarket was personally approached. He said the individual asked for “at least $1,000” for the data, indicating that if he “spread ransomware through these addresses,” Bancal might earn “millions,” but noted that the person sounded like a “low-level hawker” and did not appear to be familiar with the French healthcare sector.
While most involve smaller data troves than the recent theft in France, hacks on medical institutions are not particularly uncommon, with a dark web hacking community snatching some 900 gigabytes of data from a British plastic surgery chain late last year, threatening to release “before and after” pictures of patients unless a ransom was paid. Just weeks ago, American authorities warned hospitals across the US of a “imminent” cybercrime surge. Although officials gave no indication of Russian involvement, the notice caused an outpouring of media reports accusing none other than Moscow, relying, instead of facts, on the word of a single analyst.