The sensitive medical data belonging to nearly half a million French people has been stolen and leaked online. The security incident was announced by France’s Ministry of Health. This indicated that the data was being sold online in a cybercrime forum.
It appears that some of the data consists of identifying information including birth date, blood type, GP, health insurance provider, medical treatments, HIV status, and pregnancy test results.
Globally, healthcare breaches are increasing, with between 500 and 600 per year being reported (albeit of different magnitudes). The most common type relates to hacking, followed by IT security weaknesses.
Looking into the matter is Steve Forbes, Government Cyber Security Expert at Nomient.
According to Forbes, the data breach is another example of sensitive health-related data being exposed: “The recent report that the medical data of nearly a half-million people in France was hacked and leaked shows just how vulnerable critical sectors are. It’s becoming clear that hackers are seeking to maximise their impact by compromising deeply embedded technologies across multiple industries. As hackers evolve, so must cyber defence.”
While immediate responses remain essential, Forbes also recommends that a wider approach to intelligence is taken: “While spotting attacks and responding early is paramount, it’s becoming increasingly important that we can track where and when technology is being deployed.”
Forbes adds that this leads to a more risk-centric approach: “This will enable a broader risk analysis and response once a vulnerability is identified. There are a number of strategies that can be adopted to achieve this. From technical solutions offering layers of visibility and cyber defence, through to the close collaboration of governments, cyber and critical industries in sharing threat intelligence and mitigation tactics. Bringing this all together will not just work towards countering the current threats, but build resilience for the future.”