Cyber Security
750,000 French Patients’ Data Leaked While Advertisers Sell Data Of US Military Workers
By TechDogs Bureau
Updated on Thu, Nov 21, 2024
Share
This can be of the simpler variety where a technology company leverages your personal and private information to target tailored ads towards its users, or of the more dangerous kind where sensitive personal user data finds its way into the hands of bad actors through hacks, ransomware attacks, phishing scams or other illegal means.
In the last week, both these kinds of incidents transpired, affecting millions of people.
For one, an unnamed French hospital was attacked by a hacker, who breached its electronic patient record (ERP) system.
A bad actor using the nickname “nears” (previously “near2tlg”), who claims to be behind the attack, put up the data for sale on BreachForums, saying they had the details of over 1.5 million people.
To prove that they had the data, the bad actor leaked the data of over 750,000 patients (758,912 to be exact).
As per a report by BleepingComputer, the data was offered to three buyers, however, no buyers were declared for the data. This included information from multiple hospitals including Centre Luxembourg, Clinique Alleray-Labrouste, Clinique Jean d'Arc, Clinique Saint-Isabelle, and Hôpital Privé de Thiais.
The compromised data contains information such as name, date of birth, gender, address, city, postal code, phone number/s, and email addresses of patients.
Furthermore, medical information such as attending physicians, prescriptions, death declarations, external identifiers, and health card history was included.
The hacker claimed to have more information spanning billing, passport, ID card, appointment schedules, creation and modification of medical records, and more.
The hacker claims to have breached MediBoard, an ERP solution developed by Softway Medical Group.
While Softway Medical Group confirmed that a MediBoard account was indeed compromised, the breach didn’t involve problems in its systems but was executed due to stolen credentials used by the hospital.
An excerpt from an email shared by Softway read (translated) “On November 19, 2024, a cyberattack was detected within a healthcare facility using our MediBoard software. We would like to emphasize that the data in question was not hosted by Softway Medical Group.”
“From the moment the attack was authenticated and confirmed that morning, our teams immediately informed the concerned client. We mobilized our operational, technical, and service management teams to assist the client in handling the situation effectively.”
“At this time, our thorough investigations, which are still ongoing, confirm that our MediBoard software is not implicated in this cyberattack.”
On the unethical but legal side of data sharing comes the recent joint investigation by WIRED, Bayerischer Rundfunk (BR), and Netzpolitik.org, which found that US-based companies are legally collecting location data for the purpose of advertising.
This collection isn’t restricted to just users within the United States but also US nationals in foreign countries, which can include military personnel and intelligence workers.
The report finds that over 3 billion phone coordinates have been collected, and reflects movement to top-secret intelligence sites, nuclear vaults, and even brothels in Germany, which is where the investigation was conducted.
“We tracked hundreds of thousands of signals from devices inside sensitive US installations in Germany. That includes scores of devices within suspected NSA monitoring or signals-analysis facilities, more than a thousand devices at a sprawling US compound where Ukrainian troops were being trained in 2023, and nearly 2,000 others at an air force base that has crucially supported American drone operations,” reads the report.
Since these methods are currently legal, US leaders and Pentagon officials remain powerless in stopping such tracking.
Moreover, these techniques are essentially providing the world with cheap ways to track the movements of US government officials living abroad. From the time they leave their homes to when they drop their children off at school, from which restaurant they eat at to the location of numerous top-secret military installations and air bases—everything can be tracked and traced, including timings and more.
This raises an important question about the ethics of tracking user data, location, and other information and putting it up for sale in the name of advertising.
Do you think social media companies should be barred from collecting information from high-ranking officials and government officials not just in foreign countries but also at home?
Let us know in the comments below!
First published on Thu, Nov 21, 2024
Enjoyed what you've read so far? Great news - there's more to explore!
Stay up to date with the latest news, a vast collection of tech articles including introductory guides, product reviews, trends and more, thought-provoking interviews, hottest AI blogs and entertaining tech memes.
Plus, get access to branded insights such as informative white papers, intriguing case studies, in-depth reports, enlightening videos and exciting events and webinars from industry-leading global brands.
Dive into TechDogs' treasure trove today and Know Your World of technology!
Disclaimer - Reference to any specific product, software or entity does not constitute an endorsement or recommendation by TechDogs nor should any data or content published be relied upon. The views expressed by TechDogs' members and guests are their own and their appearance on our site does not imply an endorsement of them or any entity they represent. Views and opinions expressed by TechDogs' Authors are those of the Authors and do not necessarily reflect the view of TechDogs or any of its officials. While we aim to provide valuable and helpful information, some content on TechDogs' site may not have been thoroughly reviewed for every detail or aspect. We encourage users to verify any information independently where necessary.
Tags:
Related News on Cyber Security
Kaspersky Exits US, Forcibly Switches Users To UltraAV
Wed, Sep 25, 2024
By TD NewsDesk
Cloud Range Wins 2023 ASTORS Homeland Security Award
Thu, Nov 23, 2023
By Business Wire
Seraphic Security Named As A 2023 SC Awards Finalist
Tue, May 23, 2023
By Business Wire
ExtraHop Presents Ratiodata With Gold Partner Status
Wed, May 10, 2023
By Business Wire
Related Events & Webinars on Cyber Security
Cyber Campus: Workforce Development and Student Career Journey
Tue, Feb 11, 2025
By IBM
Tampa Cybersecurity Summit 2025
Fri, Jan 24, 2025
By The Official Cyber Security Summit
Trending TD NewsDesk
CES 2025: NVIDIA Had A Field Day On Media Day
By TechDogs Bureau
Meta Scraps Its AI Characters Amid Backlash As Microsoft Reveals $80 Billion Investment
By TechDogs Bureau
United Airlines Announces Starlink Deployment Plans For In-Flight Connectivity
By TechDogs Bureau
Apple To Pay $95 Million To Settle Privacy Lawsuit, Other Products Shine And Sink
By TechDogs Bureau
US Gov Reveals Historic $1 Billion Nuclear Deal With Constellation Energy
By TechDogs Bureau
Join Our Newsletter
Get weekly news, engaging articles, and career tips-all free!
By subscribing to our newsletter, you're cool with our terms and conditions and agree to our Privacy Policy.
Join The Discussion