Hacked health data of more than 750,000 patients from a healthcare facility in the Paris region was put up for sale on Tuesday, cybersecurity expert Damien Bancal confirmed to AFP.
Also questioned, the Ministry of Health confirmed having been informed of this cyberattack by the Regional Health Agency (ARS) Ile-de-France.
On a website, an anonymous user offered for sale a file containing the personal data of 758,912 people.
"We cannot be sure of the reliability of these figures," nevertheless clarified Damien Bancal, also author of the blog zataz.com.
According to the hacker, who revealed a sample of the stolen data online, the file put up for sale contains sensitive information: in addition to names, first names, email and postal addresses and dates of birth, medical information such as the identity of the treating physician or prescriptions would be particularly affected.
The sale proposal included the name of Mediboard, a medical software deployed in healthcare establishments, as well as the names of several private hospitals.
Asked by AFP, the company Softway Medical, publisher of Mediboard, indicated however that the leak did not concern the software itself but a health establishment of the Aleo group which uses it. "The health data of the establishment is not hosted by Softway Medical," specified Deborah Drai, head of communications for the company.
Aleo Sante brings together 14 clinics or health centers and three retirement homes in Paris and the south of the Paris region, according to its website.
The group did not immediately respond to AFP's requests for comment.
"The measures associated with this type of incident are being implemented by the Aleo group in conjunction with the various authorities concerned," the ministry said, adding that "this event has no impact on the continuity of care and the safety of care."
"With all this information, we can create databases that are increasingly precise and which are certainly the best way to know your future victim in order to target them with phishing, to perhaps make a fake bank call," Benoit Grunemwald, cybersecurity expert at ESET, a company specializing in the field, commented to AFP.
Since the beginning of the week, several companies have been victims of data leaks.
Le Point magazine has confirmed that its readers have been affected, without revealing the number.
Direct Assurance, a subsidiary of the Axa group, also indicated that 15,000 of its customers were affected. Their names, first names, email addresses were stolen, as well as their IBAN (international bank account number) for 5,800 of them, the company said.
English 
French