Massive Cyberattack on French Healthcare Software Exposes Personal Data of Up to 15 Million Patients
A cyberattack on Cegedim Santé's medical software at the end of 2025 has exposed personal data of up to 15 million French patients, prompting government and company responses.
- • Cyberattack on Cegedim Santé's MLM software compromised personal data of 11 to 15 million patients.
- • Personal administrative information was stolen; structured medical records remained intact.
- • The breach involved around 1,500 doctors out of 3,800 users of the MLM software.
- • Authorities were notified; Ministry of Health is monitoring and requested a report from Cegedim Santé.
Key details
A significant cyberattack at the end of 2025 has compromised the personal data of between 11 to 15 million French patients, according to multiple reports. The cyberattack targeted Cegedim Santé's "Mon logiciel médical" (MLM) software, used by about 3,800 healthcare professionals across France.
Cegedim Santé confirmed the data breach, which involved unauthorized access to patients' personal administrative information such as names, birth dates, phone numbers, and postal addresses. Importantly, the company stated that structured medical records remained secure and were not accessed. However, a limited number of cases included sensitive details like doctors' annotations, sexual orientation, and health conditions. An online data sample comprised administrative information on nearly 300,000 patients, with only a small fraction containing sensitive information.
Estimates of affected individuals vary; France 2 suggests the breach impacts between 11 and 15 million patients, while a hacker claims access to data on 19 million people. Cegedim attributes the exposure to only around 1,500 practitioners using the MLM system, indicating a narrower scope. The breach was detected after anomalous software behavior was identified in late 2025.
Following discovery, Cegedim promptly reported the attack to the authorities, including lodging a complaint with the prosecutor's office and notifying the Commission Nationale de l'Informatique et des Libertés (CNIL). The Ministry of Health, which clarified that the breach was related to a private provider and not public healthcare systems, is actively monitoring the situation. Health Minister Stéphanie Rist requested a report from Cegedim on the incident’s causes and corrective measures to prevent future occurrences.
This unprecedented data breach underscores growing concerns over cybersecurity in the French healthcare sector and highlights challenges in protecting sensitive patient information amid increasing cyber threats.
This article was translated and synthesized from French sources, providing English-speaking readers with local perspectives.
Source articles (3)
Source comparison
Estimated number of affected individuals
Sources report different estimates of how many individuals were affected by the data breach.
lefigaro.fr
"between 11 to 15 million individuals may be affected."
lemonde.fr
"a hacker claims to have data on 19 million patients."
france24.com
"affecting approximately 15 million French citizens."
Why this matters: One source estimates that between 11 to 15 million individuals may be affected, while another mentions a hacker claiming to have data on 19 million patients. This discrepancy significantly impacts the perceived scale of the breach.
Type of data compromised
Sources differ on the types of data that were compromised in the breach.
lefigaro.fr
"the data breach involves personal administrative information such as names, birth dates, and phone numbers."
lemonde.fr
"some highly personal information about a limited number of patients was found, such as sexual orientation and health conditions."
Why this matters: One source states that sensitive information such as sexual orientation and health conditions was included, while another claims that only administrative information was compromised. This affects the understanding of the breach's severity.
Latest news
Massive Cyberattack on French Healthcare Software Exposes Personal Data of Up to 15 Million Patients
France Voices Strong Opposition as EU Moves Forward with Provisional Mercosur Trade Agreement
Official Candidate Lists Published for First Round of 2026 Municipal Elections in France
Jean-Luc Mélenchon Faces Political Backlash After Antisemitic Remarks in Lyon
UN High Commissioner Declares Violence Against Women a Global Emergency Amid Rising Worldwide Killings
French Public Services Highlighted Ahead of Elections as Vital to Society and Local Governance
The top news stories in France
Delivered straight to your inbox each morning.