gevoelige patiëntgegevens van 15 miljoen Fransen gelekt na cyberaanval
Parijs, vrijdag, 27 februari 2026.
Een cyberaanval op 1.500 artsenpraktijken in Frankrijk heeft geleid tot een massaal gegevenslek. Ongeveer 15 miljoen patiënten zijn getroffen. Hun administratieve gegevens zijn buitgemaakt. Bij 169.000 mensen zijn ook gevoelige medische aantekeningen gelekt. Denk aan opmerkingen als ‘porteuse sida’ of ‘serait homosexuelle’. Deze informatie was opgeslagen in het softwareprogramma MonLogicielMedical van Cegedim Santé. Het ministerie van Volksgezondheid bevestigt het incident. Identiteitsdiefstal is een reëel risico. Cyberspecialisten en Europese veiligheidsinstanties onderzoeken de zaak. Ook Nederlandse zorginstellingen worden gewaarschuwd voor mogelijke kwetsbaarheden.
massive breach through medical software vulnerability
The cyberattack targeted Cegedim Santé’s MonLogicielMedical platform, used by approximately 3,800 healthcare professionals across France [1]. Around 1,500 practitioners were compromised during the attack at the end of 2025 [2]. Personal patient data including names, birthdates, phone numbers, and addresses were illegally accessed [3]. The French Ministry of Health confirmed these administrative datasets affected roughly 15 million individuals [4]. Security specialists note such comprehensive personal profiles create significant opportunities for identity theft and social engineering attacks [5].
exposure of highly sensitive health annotations
Beyond basic identification details, approximately 169,000 patients had sensitive physician notes exposed [6]. These informal clinical observations included references to HIV status marked as “porteuse sida!!!!!”, assumptions about sexual orientation noted as “serait homosexuelle d’après sa mère”, and religious background described as “mère musulmane voilée” [7]. Experts emphasize that while not formal diagnoses, such intimate remarks reveal profound personal vulnerabilities [8]. The presence of political figures’ data within the breached files further amplifies concerns regarding potential blackmail risks [9].
official responses and ongoing investigations
French authorities opened a formal investigation into the incident after Cegedim filed a complaint on October 27, 2025 [10]. The Paris prosecutor’s office assigned the cybercrime brigade to examine charges of unauthorized access to automated data systems [11]. Minister of Health Stéphanie Rist demanded immediate corrective actions from Cegedim while affirming no state-owned infrastructure caused the breach [12]. European security agencies now collaborate with French investigators to trace the attackers’ origins amid growing regional concern over healthcare sector vulnerabilities [13].
systemic weaknesses in private healthcare technology
This incident highlights longstanding cybersecurity deficiencies within privately operated medical IT networks [14]. Analysts point out that physicians often lack adequate training regarding secure handling of sensitive patient information in digital formats [15]. Previous penalties against Cegedim demonstrate recurring compliance issues, including a €800,000 fine from CNIL in 2024 for earlier privacy violations [16]. Industry observers warn similar exposure could affect other nations relying heavily on commercial vendors for electronic health record management [17].