A digital folder containing personal data of over 491,000 French patients, including diagnoses, blood group, telephone, address, social security number and other sensitive information, was leaked by hackers, according to French cybersecurity journalist Damien Bancal.

According to Liberation, the data was accessed from around 30 laboratories that used the same software and are located primarily in northwestern France. The information was said to have been relating to a period between 2015 to 2020.

Information in the leaked database contains specific drug treatments, or pathologies, such as “Levothyrox” , “brain tumor” , “HIV positive” or “deaf patient”.

According to what Bancal wrote on his website ZATAZ, the National Information Systems Security Agency has been “alerted” to the leak of the logs of about half a million patients. 

“We can find this file in seven different places on the Internet,” Bancal told AFP on Tuesday.

Bancal also said that the logs apparently appeared online after a squabble between hackers in a Telegram group who were initially engaged in a negotiation for the sale of the database. After the argument, one of the hackers posted the information online for free.

Bancal was the first one to break the story, in his blog on 14 February.