In yet another cyberattack recently, a French healthcare facility was subjected to a data breach allegedly exposing at least 750k patient records.
This data breach was spotted on November 19, 2024, after a cybercriminal hacked into the French hospital’s electronic patient record system.
A threat actor who goes by the alias “nears” (formerly near2tlg) claimed responsibility for the cyber attack.
The threat actor gained unauthorised access to the hospital's Electronic Patient Record (EPR) system. However, Softway Medical Group, the supplier of the MediBoard software used by the hospital, has emphasized that the attacker did not exploit any vulnerabilities in their software.
The data compromise was not due to a fault in Softway's software. The company believes that they are not at fault for the data breach.
Also Read: Fintech Giant Finastra Hit by Data Breach, Hacker Claims Responsibility
Hacker Stole Credentials From Hospital
Softway Medical Group confirmed that hackers had compromised a MediBoard account but told Bleeping Computer that this was not the result of a software vulnerability or misconfiguration on their part.
Instead, they believe that the cybercriminal stole credentials used by the hospital.
This all unfolded after the threat actor began selling alleged access to the MediBoard platform for multiple French hospitals including Centre Luxembourg, Clinique Alleray-Labrouste, Clinique Jean d'Arc, Clinique Saint-Isabelle, and Hôpital Privé de Thiais.
Valéry Rieß-Marchive, Softway Medical Group, said in a media letter that the exposed data was not directly managed by them, but rather hosted by the hospital.
"On November 19, 2024, a cyberattack was detected within a healthcare facility using the Mediboard software," stated the translated email.
"We want to emphasise that the affected health data were not hosted by Softway Medical Group."
The hacker reportedly began selling access to the MediBoard system and offered the stolen patient data shortly after the breach.
The stolen data was not from just one hospital but multiple healthcare facilities but the exact number of facilities impacted is still unclear, it's believed that the stolen data impacted over 1.5 million patients.
Exposed data includes personal details like names, birth dates, addresses, phone numbers, medical histories, prescriptions, and more.
When the attack was detected and authenticated in the morning, the Softway Medical Group’s teams instantly informed the clients concerned.
“We mobilised our operational and technical teams and the IT department to assist the client in securing their solution,” noted the machine-translated email letter.
“At this time, our in-depth investigations, which are still ongoing, confirm that our MediBoard software is not implicated in this cyberattack.”
Last month, another healthcare organisation was the victim of a cyberattack which exposed at least 100 million people’s private data.
EM360Tech reported that the cyber attack on Change Healthcare impacted over 100 services including dental, pharmacy, medical records, clinical, patient engagement, revenue, and payment services.
“As of October 2024, UnitedHealth, the parent company behind Change Healthcare have confirmed that over 100 million patients had their personal data compromised,” the report reads “This makes it the biggest healthcare data breach in recent years.”
The attack cost the healthcare giant over $872 million. UnitedHealth confirmed that the BlackCat ransomware gang was behind the cyber attack on Change Healthcare.
Also Read: Apple Confirms macOS Targeted in Zero-Day Vulnerability Cyber Attacks
What is MediBoard?
MediBoard is an open-source software web platform that manages patients' healthcare records. It has been designed to make administrative workflows in healthcare operations easier, from patient appointments and medical history to billing and more.
It employs a multi-layer architecture to handle various interconnected modules that leverage technologies like PHP, XML, XHTML, JavaScript, CSS, Smarty, and PEAR.
MediBoard is powered by Big Data and AI tools, to improve quality of care, facilitate clinical communication and promote smart decision-making. It aims to help users easily manage their health records, track their progress, and communicate with healthcare providers.
How can Hospitals Protect Themselves from Cyberattacks?
Hospitals can protect themselves from cyberattacks by adopting highly secure cyber security measures that prioritise cloud security. These cloud security solutions should be resilient enough to protect their computing systems and organisational data.
Hospitals are especially vulnerable due to large-scale patient data being stored in their systems. To prevent cyber-attacks, data theft, data leaks or any other malicious activity, healthcare organisations are suggested to encrypt patient data while it's in transit and at rest. This can help protect it from unauthorised access.
Entrust suggests the following measures:
- Encrypt and tokenize all patient data – while in transit and at rest – to protect it from unauthorized access
- Enable digital signing of patient records to maintain a secure chain of control over patient data and help mitigate fraud and forgery risks
- When sharing or moving patient data, all personally identifiable information (PII) should be tokenized to further protect patient privacy
Also Read: 122M Victims of Data Leak Linked to B2B Data Firm Security Lapse
Also Read: Amazon Confirms Employee Data Leak After Hacker Alleges MOVEit Breach
