A threat actor had access to the electronic patient record system of an unnamed French hospital, compromising the health data of 750,000 patients.
The stolen data includes personal information such as names, dates of birth, addresses, phone numbers, and medical information like prescriptions and attending physicians.
The breach seems to be a supply chain attack, with the hacker compromising the MediBoard platform provided by Softway Medical Group.
The exposure of medical data puts patients at risk of identity theft, fraud, and can lead to misdiagnoses or medical errors.