The network of medical biology laboratories Cerballiance confirmed on Friday that it had suffered a computer attack occurred at the end of March, leading to “unauthorized access” to personal data of “some of its patients”.
According to the information communicated, the incident came from a server “hosted by its IT service provider”, an entry point used to illicitly access several categories of sensitive information. Cerballiance, which brings together 700 laboratories in France, has thus validated information initially revealed by The Parisian.
Civil status, identifiers, medical analyzes
In the process, the network, a subsidiary of the Cerba HealthCare group, indicates having “warned the competent authorities”, “contacted the patients concerned by email” and “deactivated the passwords » impacted accounts. The service provider was also ordered “to immediately close the computer server affected by the incident”, specifies a spokesperson interviewed by AFP.
The exact extent of the leak remains unknown at this stage. The company was unable to specify the number of people affected or the volume of data compromised. The information concerned, however, includes themarital statusaccess identifiers to patient areas, certain medical analysis reports as well as the number of Social security.
Beware of suspicious canvassing
No fraudulent exploitation has yet been identified. However, management recommends that the people concerned “redouble their vigilance” in the face of possible suspicious canvassing, whether by telephone or email.
Cerballiance has not disclosed the identity of the service provider involved but claims to have undertaken with it “the essential measures to strengthen its security protocols before preventing a similar situation from recurring”. The network recalls having already been confronted with a comparable incident last year, involving another service provider.
