Warning over fraud risk after leak of user data at French medical laboratory chain

Personal details of patients were stolen in a cyberattack but medical records were reportedly untouched

Users were assured their passwords were not stolen. Photo for illustrative purposes only
Published Modified

A reader has contacted us after receiving an email from a medical laboratory in France alerting them that their data had been stolen in a cyberattack. 

We can confirm the email was genuine and a cyberattack did take place against Cerballiance, a company running over 700 medical laboratories, in March 2025. 

Cyberattackers stole the personal information of thousands of laboratory patients, including their email address, name, and date of birth after momentarily gaining access to a private server.

The laboratory has since been contacting impacted users (if you have not been contacted, your details were very likely not taken).

Many victims were from the south-east of France, although the incident could have impacted anyone who had used one of the laboratories and signed into the website to access test results.

Despite the log-in codes of some users also being stolen, Cerbaillance says that no medical information, such as Social Security information or health records, was compromised. 

Users have been asked to change the password they use to access their personal space on the Cerbaillance website, and to be aware of potential scammers trying to contact them. Fraudsters often try to gain potential victims’ confidence by citing the information they have as if they are a genuine contact.

The incident was referred onto the relevant national authorities, including the CNIL (Commission nationale de l'informatique et des libertés) and Agence nationale de la sécurité des systèmes d’information (ANSSI).

Readers concerned they have been impacted can call a dedicated helpline for free (0 800 95 27 27), or email the laboratory at info-labo-rgpd@cerballiance.fr

For additional advice, check out our article on how to protect yourself following a cyberattack