Hospital officials said they filed a complaint with the Paris prosecutor’s office on Wednesday after confirming on September 12th that such a cyber attack took place over the summer.
The theft affects around 1.4 million people who took tests in the greater Paris Île-de-France region in the middle of 2020, according to the complaint, although no exact dates were given.
(article continues below)
See also on The Local:
Stolen were the identities, social security numbers and contact details of people tested as well as the identities and contact details of health professionals who dealt with them, along with the test results, the hospital organisation said.
But no other health information was stolen, they said.
In all, “the stolen files concern 1.4 million people, almost exclusively for tests taken in the middle of 2020″ in the Paris region, the hospitals organisation said in a statement.
Those affected “will be notified individually in the coming days”, they said.
The facts of the case were also reported to France’s data watchdog, the CNIL, and the French National Agency for the Security of Information Systems (ANSSI).
The CNIL said it had “opened an investigation into this violation”.
The hackers did not target the national testing files but rather a “secure service for sharing files”, which were used in September 2020 to transmit information “useful for contact tracing” to various health authorities.
The ministry of health also told AFP it has decided to file a complaint so that “all light is brought to bear on the leak, its consequences, and all the measures needed are taken to prevent a repeat of such an event”.