French Healthcare A.I CyberSecurity Scoring
French Healthcare
Company Information
Website:https://frenchhealthcare.com
Employees number:1
Number of followers:11,000
NAICS:62
Industry Type:Hospitals and Health Care
Homepage:frenchhealthcare.com
French Healthcare Risk Score (AI oriented)
Between 0 and 549
French HealthcareHospitals and Health Care
Updated:
04/04/2026
04/04/2026
297/1000
Critical
C
French Healthcare Global Score (TPRM)
xxxx
French HealthcareHospitals and Health Care
Score locked

French HealthcareCritical
Current Score
297C (CRITICAL)
01000
4 incidents
-207 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
326
JUNE 2026
322
MAY 2026
313
APRIL 2026
305
MARCH 2026
296
FEBRUARY 2026
603
Cyber Attack
27 Feb 2026 • French Healthcare
Cegedim Santé and French Health Ministry: Doctors’ records hit by cyberattack: up to 15 million patients in France affected
Massive Cyberattack Exposes Data of 15 Million French Patients
286
CRITICAL-317
CEGFRE1772468826
Massive Cyberattack Exposes Data of 15 Million French Patients
In late 2025, a cyberattack on a widely used medical database in France compromised the personal data of up to 15 million patients, including sensitive information on approximately 164,000 individuals. The breach, confirmed by the French Health Ministry, targeted a software system developed by Cegedim Santé, which is used by around 1,500 doctors across the country.
The stolen data includes administrative details such as names, phone numbers, and postal addresses, as well as highly sensitive information like doctors’ notes on patients’ sexual orientation, religious beliefs, infidelity cases, and sexual assault disclosures. While medical records themselves remained intact, the leak has raised serious privacy concerns. Among the affected individuals are politicians, including potential candidates for the 2027 presidential election, and celebrities.
The attack was first detected by Cegedim Santé in late 2025 after identifying unusual activity in doctor accounts. The company reported the incident to France’s data protection authority, the National Civil Liberties Commission (CNIL), in October 2025, and the Paris prosecutor’s office launched an investigation in November 2025. However, the full scale of the breach only became public on February 27, 2026, when Health Minister Stéphanie Rist disclosed the details.
An alleged hacker, speaking to France2, claimed that only a portion of the stolen data had been published on the dark web, though the broadcaster verified that some sensitive information was already accessible. The investigation remains ongoing, with authorities yet to identify the perpetrators.
The incident has sparked outrage among medical professionals, who argue that government pressure to digitize patient records has left them vulnerable. Agnès Giannotti, president of France’s main GP union (MG France), criticized the push for centralized data storage, warning that it undermines patient trust and safety.
This breach is part of a broader surge in cyberattacks targeting French institutions, including recent incidents affecting the national bank account registry. The fallout from the leak continues to unfold as authorities assess the full impact.
INCIDENT DETAILS -
TYPE
IMPACT
DATA BREACH
REFERENCES
Breach
27 Feb 2026 • French Healthcare
France’s health ministry: Hackers Steal Medical Details Of 15 Million In France
Massive Data Breach Exposes Medical Records of 15 Million in France
286
CRITICAL-317
FRE1772224282
Massive Data Breach Exposes Medical Records of 15 Million in France
France’s health ministry confirmed on Friday that hackers accessed sensitive administrative and medical data belonging to over 15 million individuals, marking one of the country’s largest healthcare-related breaches. The incident follows a separate cyberattack disclosed earlier in the week, in which 1.2 million French bank accounts were compromised.
The breach exposed personal details, including medical notes, though the ministry did not specify the exact timeline of the attack or the method used by the threat actors. Authorities are investigating the scope and potential impact of the stolen data, which could include vulnerabilities for identity theft, fraud, or targeted phishing schemes.
The back-to-back breaches highlight escalating cyber threats to critical infrastructure in France, raising concerns about the security of healthcare and financial systems. No group has claimed responsibility, and the full extent of the damage remains under assessment.
INCIDENT DETAILS -
TYPE
IMPACT
DATA BREACH
REFERENCES
JANUARY 2026
757
Breach
31 Dec 2025 • French Healthcare
Grenoble École de Management and French Ministry of the Interior: 45M French records leaked after suspected attacker exposed data trove
Massive Data Leak Exposes 45 Million French Records in Suspected Criminal Compilation
598
CRITICAL-159
GREFRE1768723140
Massive Data Leak Exposes 45 Million French Records in Suspected Criminal Compilation
A misconfigured cloud database hosted in France exposed over 45 million records belonging to French citizens, likely compiled by malicious actors from multiple breached sources. The unprotected repository, discovered by Cybernews researchers, contained a mix of sensitive datasets, including:
- 9.2 million healthcare professional records, mirroring France’s official RPPS/ADELI registries.
- 23 million voter or demographic entries, featuring full names, addresses, and birthdates.
- 6 million financial profiles, some with IBANs and BICs tied to French banks.
- Automotive insurance and vehicle registration data, linking individuals to their cars.
- Customer relationship management (CRM) records, including contact details from business systems.
Unlike typical corporate breaches, this incident appears to be the work of data brokers or cybercriminals who aggregated stolen information from unrelated sources to enhance its resale value. The dataset’s structure suggests it was designed for identity cross-linking, enabling targeted phishing, financial fraud, and synthetic identity creation.
The exposed server was secured after researchers notified the hosting provider, but the duration of the leak remains unknown. The breach poses severe risks, including large-scale social engineering attacks and persistent infiltration of critical systems.
This incident follows a surge in cyberattacks targeting French institutions, including recent breaches at Eurofiber France (where attackers accessed a ticket management platform) and high-profile compromises at the French Ministry of the Interior, the University of Lille, and Grenoble École de Management. The scale and diversity of the leaked data underscore the growing threat of criminal data aggregation in cybercrime operations.
INCIDENT DETAILS -
TYPE
MOTIVATION
IMPACT
DATA BREACH
REFERENCES
DECEMBER 2025
757
Breach
01 Dec 2025 • French Healthcare
Cegedim Santé: Fuite massive de données après une cyberattaque contre un logiciel de Cegedim Santé : premières réactions
Massive Data Breach Exposes Personal Information of 15 Million French Citizens
612
CRITICAL-145
CEG1772307567
Massive Data Breach Exposes Personal Information of 15 Million French Citizens
A cyberattack targeting Cegedim Santé’s medical software, MLM (MonLogicielMédical.com), has resulted in the exposure of sensitive data belonging to 15 million French citizens on the dark web. The breach, first reported by France 2 on February 26, occurred in late 2025, though details only emerged this week.
The compromised data includes names, phone numbers, birth dates, email and postal addresses of patients whose information was entered by 1,500 general practitioners roughly 40% of the 3,800 physicians using the software. For 169,000 individuals, the leak extended to highly sensitive details, such as medical conditions, sexual orientation, religious affiliation, and records of physical or sexual violence.
The attack was claimed by an unidentified hacker, though it remains unclear whether they were directly responsible or merely disseminated the stolen files. The French Ministry of Health confirmed the breach but emphasized that the incident did not stem from a failure in state-run systems. While structured medical records such as prescriptions or lab results remained unaffected, the scale of the leak is staggering, averaging 10,000 patients per affected physician.
Cegedim Santé detected the breach in late 2025 after identifying abnormal query activity on physician accounts. The company stated it took immediate containment measures, notified authorities (CNIL, ANSSI, and CERT Santé), and filed a police report. Physicians were contacted in early January to assist with GDPR compliance, including patient notifications.
The incident has drawn sharp criticism from MG France, the general practitioners’ union, which argues that doctors should not bear responsibility for the breach. The union has filed a complaint with the CNIL, demanding clarity on liability and urging stronger safeguards before expanding digital health tools like the Dossier Médical Partagé (DMP).
This breach follows a wave of cyberattacks on French healthcare systems, including previous incidents involving third-party payment operators and the Weda software. Despite government initiatives like Care and Ségur numérique to bolster cybersecurity, the sector remains a prime target, raising concerns about patient trust in digital health services.
INCIDENT DETAILS -
TYPE
IMPACT
DATA BREACH
REFERENCES
NOVEMBER 2025
757
OCTOBER 2025
757
SEPTEMBER 2025
757
AUGUST 2025
757
Frequently Asked Questions
?
What is the current A.I Rankiteo Cyber Score for French Healthcare ??
What was French Healthcare's A.I Rankiteo Cyber Score in June 2026 ??
What was French Healthcare's A.I Rankiteo Cyber Score in May 2026 ??
What was French Healthcare's A.I Rankiteo Cyber Score in April 2026 ??
What was French Healthcare's A.I Rankiteo Cyber Score in March 2026 ??
What was French Healthcare's A.I Rankiteo Cyber Score in February 2026 ??
What was French Healthcare's A.I Rankiteo Cyber Score in January 2026 ??
What was French Healthcare's A.I Rankiteo Cyber Score in December 2025 ??
What was French Healthcare's A.I Rankiteo Cyber Score in November 2025 ??
What was French Healthcare's A.I Rankiteo Cyber Score in October 2025 ??
What was French Healthcare's A.I Rankiteo Cyber Score in September 2025 ??
What was French Healthcare's A.I Rankiteo Cyber Score in August 2025 ??
What is the average per-incident point impact on French Healthcare's A.I Rankiteo Cyber Score over the past 12 months ??
Where can I access detailed records of all cyber incidents associated with French Healthcare ??
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ??
Where can I view French Healthcare's profile page on Rankiteo ??
How accurate is the A.I Rankiteo Risk Scoring methodology ?