Search TorWire

Find cybersecurity guides and research articles

Home > News > Cybersecurity > Cybercriminal Claims Data Leak of 670,000 French Healthcare Professionals

Cybercriminal Claims Data Leak of 670,000 French Healthcare Professionals

By: Jordan Vector Cybersecurity Expert

Last updated: June 23, 2026

Human Written
Cybercriminal Claims Data Leak of 670,000 French Healthcare Professionals
  • An alleged database containing hundreds of thousands of records related to medical professionals in France has been promoted for sale.

  • The exposed records purportedly include highly sensitive information, names of medical professionals, their specialties, addresses, telephone numbers, postal codes and cities. It also includes profile links, but doesn’t contain any patient files.

  • There’s no evidence that the alleged database included patient records or insurance info, but even publicly available professional data can be abused for phishing, fraud, and social engineering when collected and distributed at scale.

A cybercriminal has reportedly posted a massive database connected to a French healthcare directory on an underground forum. The alleged leak involves information on over 670,000 medical professionals across France.

This dataset is being offered via the internet free-of-charge to cybercriminals. There has been no verification of these claims as of yet by an independent source; however, researchers who study security have been paying attention due to the magnitude of the alleged exposure.

What is MedecinFrance?

The website MedecinFrance.com is an online database that provides patients with information regarding medical professionals, and allows the public to search through the database by medical specialty, geographical location, and name of physicians.

The website functions as a healthcare directory rather than a provider of electronic medical records or patient management services. Most of the information presented in a physician’s profile on MedecinFrance.com is available to the public.

Spelling this out is important because the dataset allegedly holds info from a professional directory, and does not contain any sensitive patient information.

Details of the Alleged Data Leak?

A dark web post claims the dataset includes names, medical specialties, addresses, postal codes, cities, phone numbers, and profile URLs.

The fields reportedly included in the leak closely match information commonly found on healthcare directory listings. People are starting to wonder if someone just scraped this information automatically instead of hacking into any internal systems.

Cybercriminals often hype up scraped datasets by calling them “breaches.” It gets more eyes on their posts and stirs up more interest within cybercrime forums.

Questions Remain About the Source of the Data

Everyone’s still trying to figure out whether these records came from an actual database breach or if someone just scraped a ton of public info off the web. Right now, nobody’s found any sign that the advertised database includes sensitive stuff like patients’ records, medical histories, insurance details, or anything about treatment.

There aren’t any public reports that MedecinFrance.com itself suffered a hack attack. The company hasn’t commented, and neither have French authorities confirmed the authenticity of the leaked data. It looks like the threat actor just used automated web-scraping tools and pulled information straight from whatever was already out there on the site.

Why Healthcare Professionals Could Become Targets

Here’s the thing, just because data is publicly available doesn’t mean it’s harmless when someone bundles it all up. Gathering all this info into one place creates brand new risks. Hackers can use these details to make their phishing attempts sound way more real.

If attackers have a tidy database with hundreds of thousands of doctor profiles, names, specialties, cities, and workplaces, they can shoot out convincingly tailored emails.

That kind of targeting makes it a lot more likely someone will bite. On top of that, criminals could use the data to pose as hospitals, regulators, insurance companies, software vendors, or medical associations. It opens the door to all sorts of social engineering tricks.

Attackers now have a curated list of the French medical community. And we could be witnessing more phishing campaigns in the coming days. Attackers would send people messages pretending to be from the Ordre des Médecins or health-tech platforms, using a doctor’s specific name and specialty to make it look legit and convincing.

Part of a Broader Threat Landscape

News about the so-called MedecinFrance.com data leak has surfaced around the same time as healthcare organizations across Europe are wrestling with more cyber threats than ever.

The trend extends beyond directory listings; hackers have also claimed massive breaches of French healthcare data, with the authenticity of those claims similarly unverified.

A lot of healthcare organizations in France have experienced major cybersecurity incidents in recent years. So people are understandably on edge.

So far, no evidence has tied this MedecinFrance.com dataset to a bigger hacking campaign. But the fact that it’s a healthcare data leak makes it something worth taking a close look at.

Healthcare is a prime target for cybercriminals. Medical organizations face unique risks, when their systems go down, it can affect people’s lives, which ramps up the pressure to fix things fast.

What’s Next?

For now, many important questions remain unanswered. Right now, there’s no official word that MedecinFrance.com was actually breached. No independent security analyst has actually looked at the alleged database to verify its authenticity. And there’s no clear information about when the threat actor collected this data.

Also, it’s hard to tell whether the dataset is just public directory details or if it includes private records that aren’t supposed to be publicly accessible.

This data leak claim remains unverified until official confirmations surface. Nonetheless, this incident underscores a wider issue for entities with information readily available online. Even if it’s not sensitive information, when criminals put the pieces together, it can turn into complete info for phishing attempts, fraud, and other online scams.

So health professionals all over France should be on the lookout for suspicious emails, telephone calls, and any misuse of their professional identities. By doing so, they may help stop bad actors from exploiting this information to hurt innocent folks.

Share this article

About the Author

Jordan Vector

Jordan Vector

Cybersecurity Expert

Jordan is a security researcher and advocate who focuses on making privacy practical. Whether he's explaining how to harden a browser or reporting on the latest surveillance disclosures, his goal is to equip readers with knowledge they can use immediately. Jordan believes that true security begins with understanding the digital landscape.

Comments (0)

No comments.