France’s privacy watchdog said it’s investigating the leak of sensitive health data on half a million people and said the companies involved could face heavy penalties if they don’t come forward with details of the breaches.
The leaks were of “particularly significant magnitude and severity,” the CNIL said in a statement. Hackers may have infiltrated software made by Dedalus France that was used by medical testing laboratories, according to press reports.
The watchdog cited the media reporting on the incidents and said the companies should have notified it of the breaches within 72 hours. It said the individuals affected should also be informed.
The leaks lasted from 2015 until October 2020 and included data that ranged from social security numbers to insurance information, drug treatments, pathologies and the health status of patients, according to Liberation newspaper. Online tech newsletter Zataz first reported the breaches on Feb. 14.
France has been targeted by multiple attempts to hack its medical systems in recent months, including two ransomware-type attacks that disrupted important regional hospitals this month. French President Emmanuel Macron said cyber defense would become “a priority” of his administration.
French cyber-security agency ANSSI didn’t return an email and a call seeking comment.
Was this article valuable?
Here are more articles you may enjoy.