Doctors’ records hit by cyberattack: up to 15 million patients in France affected

A cyberattack at the end of 2025 targeting 1,500 doctors across France led to a data leak concerning up to 15 million patients, it has been confirmed. 

Information taken from a widely-used medical database concerns administrative data, such as name, surname, telephone number and/or postal address, the Health Ministry said. 

The wide-reaching breach includes several notable individuals, such as politicians - including prospective candidates for the 2027 presidential election - and celebrities.

Out of the victims approximately 164,000 include “sensitive data,” said Health Minister Stéphanie Rist on social media post X.

This includes doctors’ notes for patients on various situations including sexual and religious orientations, cases of infidelity, and sexual assaults made against them.

She added, however, that medical records remained ‘intact’ after the breach.

At this stage, it is unclear who is behind the attack, however the mass theft of data means patients across the country should be on alert for potential phishing scams using the compromised information. 

Leak reported in October, doctors frustrated

The discovery of the attack was made by Cegedim Santé, a company that publishes software used by doctors to log patient information. 

It “identified, in late 2025, abnormal application request behaviour on user doctor accounts,” said the company in a press release. It provides software for around 3,800 doctors in France. 

Following the incident, the company reported the leak to the national data organisation, the National Civil Liberties Commission (CNIL), as per procedure, in October 2025

The Paris prosecutor’s office launched an investigation into ‘attacks on an automated data system’ against the company in November 2025, however it was not until the Health Ministry announced the incident on Friday (February 27) that the extent of the leak became known. 

Further information remains unavailable as the investigation is ongoing. 

However, the alleged hacker/s responsible told public service media France2 that only a portion of the information taken had been published online.

It was accessed by the broadcaster via the dark web, and they also confirmed the sensitive information made available with some of the victims.

Doctors have responded angrily, saying medical professionals are caught “between a rock and a hard place.”

“We have a government that absolutely insists we put as much information as possible online, on software and external servers shared with other professionals,” said president of France’s main GP union (MG France) Agnès Giannotti to FranceInfo. 

“This raises serious concerns about trust and patient safety, and it penalises our practise,” she added. 

A wave of recent cyberattacks have hit both public and private institutions in France, including the nation’s bank account register.