- Cyberattack targeted French healthcare software provider
- Patient administrative data and limited doctor notes exfiltrated
- Company confirmed breach and notified authorities
French software company Cegedim Santé, which builds solutions for the healthcare industry, has confirmed it was hit with a cyberattack which saw it lose sensitive data on thousands of people.
In a press release, the company said that in late 2025, it spotted “abnormal application request behavior” on the accounts of doctors using the MonLogicielMedical (MLM) product.
MonLogicielMedical is a web-based management application designed to help healthcare professionals manage their everyday administrative and clinical tasks online. It lets users access and update patient records, schedules, prescriptions, billing, and other practice data from any browser or mobile device.
Sexual orientation and condition history exposed
Cegedim Santé claims around 3,800 doctors in France are using MonLogicielMedical, 1,500 of whom were affected by this attack.
“As soon as the incident was detected at the end of 2025, all necessary measures were taken to deal with it, and it was contained,” the announcement reads. “In accordance with our legal obligations, we have taken all regulatory steps, including notification to the CNIL and filing a complaint with the public prosecutor.”
Following an internal investigation, Cegedim Santé concluded that the attackers exfiltrated data from the patients’ administrative files, including full names, gender data, dates of birth, phone numbers, postal and email addresses, and administrative comments.
”For a very limited number of patients, these comments may have contained personal notes from the doctor concerning sensitive information. The structured medical records of patients remained intact.”
What makes this incident particularly interesting is the fact that Cegedim Santé is a supplier to France's health ministry. In total, 15.8 million records were nabbed, including 165,000 files with doctors’ notes.
The news initially broke on the country’s TV broadcaster France 24, which allegedly said the data included details on conditions such as HIV/AIDS, as well as people’s sexual orientation. Some of the country’s top politicians are apparently among the affected ones.
Via The Register
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button!
And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.
