Cybersecurity authorities in France have revealed a major data breach involving a third-party healthcare software provider linked to the country’s health ministry. Reports suggest that approximately 15.8 million administrative medical files were stolen in the cyberattack, raising serious concerns among security agencies.
Details of the Cegedim Santé Cyberattack
The cyberattack targeted the systems of Cegedim Santé, a healthcare software vendor that confirmed the breach occurred in late 2025, although detailed information about the incident surfaced only recently. According to reports, nearly 165,000 files contained doctors’ handwritten or free-text notes, and in some cases included references to patient medical histories.
The leaked records reportedly contained personal data such as full names, gender, dates of birth, telephone numbers, residential addresses and email IDs. In certain cases, highly sensitive information related to conditions such as HIV/AIDS and individuals’ sexual orientation was also found within free-text medical notes. Cybersecurity experts warn that such information could be exploited for phishing attacks and identity theft.
FCRF Launches Flagship Certified Fraud Investigator (CFI) Program
Impact on Doctors and MonLogicielMedical Platform
The breach affected a digital healthcare platform used by around 3,800 doctors, with approximately 1,500 physicians directly impacted. The platform, known as MonLogicielMedical (MLM), allows patients to access their medical records electronically, communicate with physicians and use administrative healthcare services.
The company stated that the stolen data was mainly administrative in nature and was not directly linked to clinical medical databases. However, experts believe that sensitive information contained in free-text medical notes still poses serious privacy risks.
Supply-Chain Risks and French Government Response
Cybersecurity analysts say the attack highlights weaknesses in supply-chain security, where attackers target third-party software vendors rather than directly attacking government systems. Such methods make it easier to penetrate large interconnected networks.
The company said it remains committed to fighting cybercrime and strengthening data security measures while cooperating with investigative authorities. It also expressed regret over the inconvenience caused to affected individuals.
This incident is part of a series of cybersecurity concerns involving the French government. Earlier, the country’s finance ministry reportedly faced a breach where attackers allegedly accessed banking records containing information of about 1.2 million accounts.
Warnings and Ongoing Investigations
Authorities have advised affected individuals to remain vigilant against potential phishing attempts. The government has also initiated steps to strengthen cybersecurity defenses and review its healthcare data protection policies.
Experts warn that medical data breaches are becoming a serious global threat because such records can be used in identity theft, financial fraud and sophisticated social engineering attacks. Investigations into the incident are ongoing, and authorities are working to identify those responsible.
About the author – Ayesha Aayat is a law student and contributor covering cybercrime, online frauds, and digital safety concerns. Her writing aims to raise awareness about evolving cyber threats and legal responses.
