Skip to content
Data breachUnknown

890,000 users affected by a claimed leak at GPS Santé

On 13 March 2026, a threat actor claimed to have leaked a database belonging to GPS Santé, a French health-tech firm offering online medical scheduling and teleconsultation, allegedly exposing data on roughly 890,000 patients and practitioners.

Victim
GPS Santé
records
890.0K

On 13 March 2026, GPS Santé — a French health-tech company founded in 1990 that provides online medical appointment scheduling, teleconsultation, and medical telesecretary services connecting patients with doctors and specialists — was named in a data-leak claim posted by a threat actor.

The actor advertised a database said to have been extracted from GPS Santé, claiming it covered roughly 890,000 users of the platform. As GPS Santé sits between patients and healthcare professionals, the exposed records would relate to both groups. Based on the claim, the data set is described as personal and contact information tied to platform accounts:

  • Names and identity details
  • Contact information (email, phone, postal address)
  • Account and appointment-related data linking patients to practitioners

The breach is a claimed leak: it surfaced through a cybercriminal posting and the underlying database was not independently verified at the time of reporting. GPS Santé holds French health-data hosting certification and positions data security as central to its service, but no public confirmation of the incident, the attack vector, or a remediation response was available. The scale and even the authenticity of the data set remain unconfirmed, and the status of the incident is unknown.

Sources

  1. fuitesinfos.frhttps://fuitesinfos.fr/article/2026-03-13-gps-sante
  2. infos.gpssante.frhttps://infos.gpssante.fr/a-propos/

Related incidents