Cyberattack at French hospital exposes health data of 750000 patients

pMicrosoft rereleases Exchange updates after fixing mail deliveryppSpyLoan Android malware on Google play installed 8 million timesppNew Windows Server 2012 zeroday gets free unofficial patchesppTor needs 200 new WebTunnel bridges to fight censorshipppMozilla really wants you to easily set Firefox as default Windows browserppIts only 50 to train for these CompTIA exams in this course dealppGoogle Chromes AI feature lets you quickly check website trustworthinessppNovel phising campaign uses corrupted Word documents to evade securityppHow to access the Dark Web using the Tor BrowserppHow to enable Kernelmode Hardwareenforced Stack Protection in Windows 11ppHow to use the Windows Registry EditorppHow to backup and restore the Windows RegistryppHow to start Windows in Safe ModeppHow to remove a Trojan Virus Worm or other MalwareppHow to show hidden files in Windows 7ppHow to see hidden files in WindowsppRemove the Theonlinesearchcom Search RedirectppRemove the Smartwebfindercom Search RedirectppHow to remove the PBlock adware browser extensionppRemove the Toksearchesxyz Search RedirectppRemove Security Tool and SecurityTool Uninstall GuideppHow to Remove WinFixer Virtumonde Msevents TrojanvundoppHow to remove Antivirus 2009 Uninstall InstructionsppHow to remove Google Redirects or the TDSS TDL3 or Alureon rootkit using TDSSKillerppLocky Ransomware Information Help Guide and FAQppCryptoLocker Ransomware Information Guide and FAQppCryptorBit and HowDecrypt Information Guide and FAQppCryptoDefense and HowDecrypt Ransomware Information Guide and FAQppQualys BrowserCheckppSTOPDecrypterppAuroraDecrypterppFilesLockerDecrypterppAdwCleanerppComboFixppRKillppJunkware Removal ToolppeLearningppIT Certification CoursesppGear GadgetsppSecurityppBest VPNsppHow to change IP addressppAccess the dark web safelyppBest VPN for YouTubeppppA data breach at an unnamed French hospital exposed the medical records of 750000 patients after a threat actor gained access to its electronic patient record systemppA threat actor using the nickname nears previously near2tlg claimed to have attacked multiple healthcare facilities in France alleging that they have access to the patient records of over 1500000 peopleppThe hacker claims they breached MediBoard by Software Medical Group a company offering Electronic Patient Record EPR solutions across EuropeppSoftway Medical Group has confirmed that hackers have compromised a MediBoard account However it noted that this was not the result of a software vulnerability or misconfiguration on their part but rather through the use of stolen credentials used by the hospitalppIn a letter sent to French media and shared with BleepingComputer by LeMagITs editorinchief Valéry RießMarchive Softway Medical Group says the exposed data was not directly managed by them but rather hosted by the hospitalppOn November 19 2024 a cyberattack was detected within a healthcare facility using the Mediboard software reads the machinetranslated emailppWe want to emphasize that the affected health data were not hosted by Softway Medical GroupppppBleepingComputer contacted Softway Medical Group for clarifications on which account and at what level was compromised and a spokesperson shared the following statementppWe can confirm that our software is not responsible but rather a privileged account within the clients infrastructure was compromised by an individual who exploited the standard functions of the solution the Softway Medical Group told BleepingComputerppThis hypothesis has been substantiated It is therefore neither due to improper implementation of the software nor human errorppThis all unfolded after the threat actor began selling what they claimed was access to the MediBoard platform for multiple French hospitals including Centre Luxembourg Clinique AllerayLabrouste Clinique Jean dArc Clinique SaintIsabelle and Hôpital Privé de ThiaisppThis access allegedly would let the buyer view the hospitals sensitive healthcare and billing information patient records and the ability to schedule and modify appointments or medical recordsppTo prove that they gained access to the MediBoard accounts the hacker also put the records of 758912 patients from an unnamed French hospital up for saleppThese records allegedly contain the following informationppThe data was offered for purchase to three users and currently no buyers have been declared on the sale listingppEven if the data isnt sold theres always a risk of being leaked online for free making it available to the broader cybercrime communityppThe type of data exposed in this incident raises the risk of phishing scamming and social engineering for impacted peopleppUpdate 1121 BleepingComputer has learned that all of the affected hospitals belong to a single entity Aléo Santé which explains how the threat actor got access to all of them by compromising one privileged MediBoard account not in Softways direct controlppFord rejects breach allegations says customer data not impactedppHacker gets 10 years in prison for extorting US healthcare providerppFree Frances second largest ISP confirms data breach after leakppUnitedHealth says data of 100 million stolen in Change Healthcare breachppBianLian ransomware claims attack on Boston Childrens Health PhysiciansppNot a member yet Register NowppNew Windows Server 2012 zeroday gets free unofficial patchesppNew Rockstar 2FA phishing service targets Microsoft 365 accountsppSpyLoan Android malware on Google play installed 8 million timesppSolving the painful password problem with better policiesppHow to leverage 200 million FCC program boosting K12 cybersecurityppCynet delivers 426 ROI in Forrester Total Economic Impact StudyppThe Actual Cost of Forgotten PasswordsppWhy Cybersecurity Leaders Trust the MITRE ATTCK EvaluationsppTerms of Use Privacy Policy Ethics Statement Affiliate DisclosureppCopyright 2003 2024 Bleeping Computer LLC All Rights ReservedppNot a member yet Register NowppRead our posting guidelinese to learn what content is prohibitedp