Leak at Agence Régionale de Santé des Hauts-de-France
A cyberattack on the shared regional health platform (Prédice/GIP Inéa) hosting patient identity data from public hospitals in Hauts-de-France exposed records such as names, dates and places of birth, contact details and, in some cases, social security numbers; medical records were not affected.
- Victim
- Agence Régionale de Santé des Hauts-de-France
On 14 October 2025, the Agence Régionale de Santé des Hauts-de-France — together with GIP Inéa Santé Numérique, operator of the region's shared "Prédice" digital-health platform — disclosed a cyberattack against the servers hosting the identity data of patients treated in the region's public hospitals. The intrusion had first been detected in early September 2025.
According to the ARS and Inéa, the attacker accessed the shared hospital servers by impersonating a healthcare professional, abusing legitimate access to reach the identity records stored on the platform. The breach was limited to administrative identity information: investigators stated that no clinical or medical-record data was stolen, and that the attack had no impact on hospital operations or regional digital-health services.
Exposed data categories reported for affected patients include:
- Birth name, usual name and first name(s)
- Sex, date and place of birth, nationality
- Email address, phone number and postal address
- Social security number (in some cases)
- Organ-donor status, and in some cases weeks of amenorrhea at birth
The number of patients affected in Hauts-de-France was not precisely disclosed; the incident formed part of a wider wave of attacks against several French regional health platforms during autumn 2025. Inéa reinforced security controls to prevent further intrusion and ran an individual notification campaign by SMS and email, warning recipients that the main residual risk is targeted phishing using the leaked identity details.
Sources
- info.inea.frhttps://info.inea.fr/
- hauts-de-france.ars.sante.frhttps://www.hauts-de-france.ars.sante.fr/cyberattaque-menee-contre-les-donnees-didentite-des-patients-des-hopitaux-publics-de-la-region
- hauts-de-france.ars.sante.frhttps://www.hauts-de-france.ars.sante.fr/une-cyberattaque-dirigee-contre-les-donnees-didentite-des-patients-des-hopitaux-publics-de-la
- france3-regions.franceinfo.frhttps://france3-regions.franceinfo.fr/hauts-de-france/nord-0/les-hopitaux-des-hauts-de-france-victimes-d-une-cyberattaque-contre-les-serveurs-hebergeant-les-donnees-d-identite-de-patients-3213338.html