French healthcare software provider Cegedim Santé suffers major data breach

As reported by Tech Radar, French healthcare software provider Cegedim Santé has confirmed a significant cyberattack that resulted in the exfiltration of sensitive patient data and limited doctor notes.

The breach was detected in late 2025 when unusual activity was observed on the MonLogicielMedical (MLM) product, used by approximately 3,800 doctors in France. Attackers gained access to administrative data for around 1,500 affected doctors, compromising patient names, gender, dates of birth, contact information, and administrative comments. For a small subset of patients, these comments may have included sensitive personal notes from doctors.

While structured medical records remained intact, the incident involved 15.8 million records in total, including 165,000 files containing doctors' notes. Reports suggest the exposed data may include details on conditions like HIV/AIDS and sexual orientation, potentially affecting vulnerable individuals. Cegedim Santé has notified French authorities, including the CNIL, and filed a complaint. 

Source: Tech Radar