In accordance with the newest cybersecurity report of CNIL, the French information safety supervisor, France has seen a report of non-public information breaches in 2021 — a close to 80% improve from 2020.
The CNIL carried out strict regulatory measures on French companies and organizations in 2021, sending 135 formal notices that resulted in €214 million in fines and 18 sanctions. 9 sanctions had been for inefficient information safety.
The report indicated that the most typical targets of cyber assaults had been small and medium-sized corporations. Greater than half of the information breach notifications from the report had been ransomware, which is a staggering 128% improve since 2020.
Listing of Largest Knowledge Breaches in France
Here’s a listing of the largest information breaches to happen in France:
1. Dedalus Biologie
Date: February 23, 2021
Impression: 491,840 medical information
In accordance with an investigation carried out by Libération, a large information breach occurred in February 2021, together with roughly 500,000 medical information of French sufferers of unknown origin, together with names, medical historical past, and social safety numbers that had been leaked on the web.
The cybersecurity weblog Zataz on Telegram first found the information leak wherein customers found a clandestine group that trades stolen information on Telegram.
Libération studies that the stolen information accommodates medical information and COVID-19 checks from 30 healthcare laboratories in northwest France. The leaked information included details about examinations carried out between 2015 and October 2020.
In accordance with AFP (Agence France-Presse), the leaked medical information included:
Affected person namesAddressesTelephone numbersPostcodesEmail accountsHealth insurance coverage providersSocial safety numbersBlood typesHIV statusFertility standing
Paris prosecutors in control of cybercrime reported to the AFP that an investigation is underway to find out if there was a “fraudulent entry to, and upkeep of an automatic information processing system” and “fraudulent extraction, holding and sharing” of the data.
Initially, they failed to learn how the hackers stole the data from the healthcare clinics and laboratories. However, one thing in common that the laboratories had was that they used software from Dedalus, a healthcare provider.
Dedalus was fined €1.5 million for violating the GDPR (General Data Protection Regulation) for failing to protect EU citizens’ personal data. According to the journalist that found the leaked data, the hackers made the data public after they failed to find a buyer.
In light of the incident, French President, Emmanuel Macron, announced a cybercrime combat program worth €1 billion that can enhance cybersecurity for the French healthcare system.
2. French Insurer AXA
Date: May 16, 2021
Impact: 3 TB of sensitive data and medical records exposed; possible unregistered DDoS attacks.
The Asian branches of the French insurer AXA suffered a ransomware attack in May 2021, stealing three terabytes of sensitive data.
The attack targeted sectors in Hong Kong, Thailand, Malaysia, and the Philippines and occurred after AXA canceled the Asian branches’ coverages against cyber attacks.
The alleged hacker group that’s responsible for the attack is Avaddon, and the group claims that they have also executed a DDoS attack on the subsidiaries.
AXA hasn’t confirmed the amount of the demanded ransom price nor whether they eventually paid it.
3. Pierre Rouquès – Les Bluets Maternity Hospital
Date: October 9, 2022
Impact: 150 GB of personal data and medical records
The ransomware hacker group Vice Society took credit for the cyber attack. The group used ransomware that encrypts data and demanded payment to restore their networks within one day. However, while the hacker group stated that all system sectors were fully encrypted, the hospital staff had access to most medical records.
The hospital also gave an update on the situation nine days later, stating that the hackers stole more than 150 GB of files containing patients’ personal data and health records from the hospital’s systems.
According to Zataz, the hackers disclosed the stolen documents and files on the dark web after the hospital declined to pay the ransom. The data included patient names, addresses, accounts, and Outlook account backups of staff members.
Vice Society is known for targeting schools and healthcare establishments and is infamous for completely disrupting services in the Arles Hospital clinic and the Ajaccio clinic in 2022. They commonly employ a double extortion technique — a ransomware method that encrypts the target’s systems and threatens to upload the stolen data on the dark web.
4. Thales
Date: November 11, 2022
Impact: 9.5 GB of archive files leaked.
Thales, a French defense and aerospace company for radars, drones, and military satellites, suffered a cyber attack that led to a data leak of sensitive information on the dark web.
The company refuted that their systems were hacked but confirmed that data had been stolen from a user account of collaborative partners from Italy and Malaysia that involved a data leak of 9.5 GB archive files.
The company believes that the data leak included Thales’ data, which has technical documents, possible corporate data, commercial documents, customer data, financial data, and experimental software that’s allegedly priceless.
The LockBit 3.0 ransomware gang, a relatively new hacker group operating since July 2022, is responsible for said data leak and is known for being a RaaS (Ransom as a Service) provider. The company has already opened an internal investigation and has informed France’s ANSSI national cyber security agency.
Thales reassures that the leaked data does not contain critical government data of national security programs and military projects. However, French local sources state that further data and info are yet to be discovered online.
According to Reuters, Thales’ shares plummeted 8.5% after the attack, but Thales stated that the share price decrease wasn’t linked to the attack.
5. iDealwine
Date: October 2022
Impact: Unknown amount of customer data theft.
The famous French-based online retailer for wine, iDealwine, suffered a data breach in October 2022 and hasn’t revealed the total number of customer data impacted.
Their shop was rendered offline for weeks, and the company took measures to deal with the cyber attack by contacting experts and data privacy regulators from France and UK.
6. Corbeil-Essonnes
Date: August 23, 2022
Impact: All hospital medical records published
A cyber attack on a French hospital in Corbeil-Essonnes near Paris left nurses having to file data from scratch manually. The cyber attack crippled the hospital’s IT system, data storage, imaging storage, patient admission systems, and financial software.
The hackers demanded a €10 million ransom to unlock the system, and they threatened to release patient medical records if requirements weren’t met. The hospital’s director, Gilles Calmes, refused to pay the ransomware hackers.
The hospital staff resorted to transitioning back to analog procedures like burning medical records on DVDs. They were left to work with limited resources and forced to redirect all non-critical services elsewhere in Paris. This analog downgrade cost the hospital €2 million.
Moreover, the staff was prohibited from connecting their personal devices on company premises as all their systems may have been infected.
The French elite tactical force, GIGN, negotiated with the Russian hackers. Their team for counter-terrorism and hostage situations communicated with the hackers via the Protonmail service, a communication channel chosen by the attackers.
The team managed to lower the ransom from €10 million down to a million to stall for time. The hospital refused to pay the ransom again, and the data was published online.
Allegedly, the attack was orchestrated by the Russia-based Lockbit group known for scams and other cyber attacks against US private clinics and healthcare services. The Center did the investigative reports for Combating Digital Crime (C3N) division.
Health Minister François Braun donated €20 million to improve the hospital’s data security, which implies that they’ve likely reverted to standard procedures with systems back online.
7. Apollo.io
Date: May 2018 (reported September 2018)
Almost 11 million data records from French users were allegedly put up for sale on the dark web after a data breach in the San Francisco-based digital marketing firm Apollo. Apollo did not comment on the data breach.
Around September 2018, a user stated that they infiltrated Apollo’s database and stole 11 million records of French users from Apollo to put up on sale online. The hacker didn’t disclose how the attack was conducted and what other data records were in their possession.
The data records include the following:
NamesEmail addressesLocation coordinatesSocial media profilesPhone numbersWorkplace information
According to Apollo staff, their firm conducts security audits regularly and has the proper cybersecurity stature with intrusion detection software in place.
French users can submit a request to have their data removed via Apollo’s website if they doubt their data is compromised.
8. Assistance Publique-Hôpitaux de Paris (AP-HP)
Date: Mid-2020 (confirmed September 12)
Impression: Medical information and information of 1.4 million COVID-19 sufferers leaked
The CNIL, France’s information safety authority, launched a press release on September 21, 2021, after being knowledgeable of the Help Publique-Hôpitaux de Paris (AP-HP) information breach, which included private information and medical information of 1.4 million sufferers that had been examined for COVID-19 in 2020 in Paris.
The CNIL urged all affected to not entry their breached information, as they could pose additional dangers or malware.
The private information classes from the information leak included:
COVID-19 take a look at resultsNature of the COVID-19 testsFirst and final nameDate of birthGenderSocial safety numberHome addressesEmail addressPhone numbersNames of healthcare professionals concerned within the checks
The cyber assault exploited the Parisian hospital’s COVID-19 contact-tracing system, the SI-DEP, which already had safety points.
This hack is certainly one of many who have affected French public hospital programs and healthcare establishments for the reason that pandemic.
Earlier in September 2021, COVID-19 take a look at outcomes and the PII of 700,000 folks had been leaked due to a knowledge breach from a defective interface platform for the SI-DEP system that pharmacists used.
Obtain our information on scaling third-party danger administration regardless of the chances
