Cegedim santé confirms 15.8 million patient records exposed in breach
Cegedim santé confirms 15.8 million patient records exposed in breach
https://www.prismedia.ai/news/cegedim-sant-confirms-158-million-patient-records-exposed-in-breach
Publish Date: 2026-03-04 00:11:00
Source Domain: www.prismedia.ai
Cegedim Santé confirmed that attackers illegally accessed roughly 15.8 million administrative patient records held in its MonLogicielMedical (MLM) software, a breach the company says was detected in late 2025 and for which it filed a criminal complaint in October 2025. France24/AFP and The Register reported the figure and said the leak affected software used by about 3,800 doctors, with roughly 1,500 practitioners impacted.
Company statements attributed to Cegedim say the intrusion was identified after what it described as “abnormal application query behaviour” and that patient data stored within MLM had been illegally accessed or extracted. Cegedim said the incident “has been contained,” that only administrative records were affected, that structured medical files remain intact, and that it is “supporting its clients and their patients as much as possible” and will “fully cooperate with the authorities,” according to reporting by Brussels Times and France24/AFP.
Independent media examinations of the leaked repository report a narrower but consequential exposure inside the administrative set. The Register and France24/AFP cite that between 165,000 and 169,000 free-text doctor notes were included in the leaked material. France2, which media say accessed an openly available database, reported examples of explicit entries such as “HIV-positive,” “veiled Muslim mother,” and “son in prison,” according to Cybersecurity-review and Anadolu Agency attribution cited by that outlet. France24/AFP said the presence of annotations that reveal sensitive conditions means the breach could carry long-term harm to individuals.
Gerome Billois, a cybersecurity expert at consultancy Wavestone, told AFP that the leak could be “the biggest in France” in the health sector and warned of “irreparable consequences.” He said, “Once health information that says: ‘You have AIDS’ or ‘You have such and such a disease’ is released, you can never go back,” as quoted by France24/AFP.
The incident has…
