Hack on French medical site sees over 15 million records leaked, including private health info
- Cyberattack targeted French healthcare software provider
- Patient administrative data and limited doctor notes exfiltrated
- The company confirmed the violation and informed authorities
French software company Cegedim Santé, which develops solutions for the healthcare sector, has confirmed that it was the victim of a cyberattack which caused it to lose sensitive data on thousands of people.
In a press release, the company indicates that at the end of 2025 it had identified “abnormal application request behavior” on the accounts of doctors using the MonLogicielMedical (MLM) product.
MonLogicielMedical is a web management application designed to help healthcare professionals manage their daily administrative and clinical tasks online. It allows users to access and update patient records, schedules, prescriptions, billing and other practice data from any browser or mobile device.
Sexual orientation and history of pathology revealed
Cegedim Santé claims that around 3,800 doctors in France use MonLogicielMedical, of which 1,500 were affected by this attack.
“As soon as the incident was detected in late 2025, all necessary measures were taken to deal with it and it was brought under control,” the statement said. “In accordance with our legal obligations, we have taken all regulatory measures, including notifying the CNIL and filing a complaint with the public prosecutor.”
Following an internal investigation, Cegedim Santé concluded that the attackers exfiltrated data from patient administrative files, including full names, gender data, dates of birth, telephone numbers, postal and email addresses, as well as administrative comments.
“For a very limited number of patients, these comments may have contained personal notes from the doctor regarding sensitive information. The patients’ structured medical records remained intact.”
What makes this incident particularly interesting is the fact that Cegedim Santé is a supplier to the French Ministry of Health. In total, 15.8 million records were intercepted, including 165,000 records containing medical notes.
The news was first broadcast on national television channel France 24, which reportedly said the data included details of conditions such as HIV/AIDS, as well as people’s sexual orientation. Some of the country’s top politicians are apparently among those affected.
Via The register
The best antivirus for every budget
Follow TechRadar on Google News And add us as your favorite source to get our news, reviews and expert opinions in your feeds. Make sure to click the Follow button!
And of course you can too follow TechRadar on TikTok for news, reviews, unboxings in video form and receive regular updates from us on WhatsApp Also.
