Clinique Ambroise Paré Beuvry: also a victim of a cyberattack
The Ambroise Paré clinic in Beuvry says it was the victim of a cybersecurity incident on 21 April 2026, according to a communication published on 30
- Victim
- Clinique Ambroise Paré Beuvry
Incidents in sector:
Healthcare
Sterimed: internal files published after a cyberattack
The STERIMED group, specialist in sterilisation packaging and solutions for the medical sector, is allegedly the victim of a cyberattack with a leak of
- Victim
- Sterimed
Clinique de l'Yvette: a leak of medical imaging claimed
The Clinique de l'Yvette in Longjumeau is reportedly targeted by a cyberattack, with data put online and administrator access claimed by a
- Victim
- Clinique de l'Yvette
Nosho: 133,000 users compromised, a new leak that weakens the medical sector
Following our article published on 5 April 2026, the company Nosho wanted to provide several clarifications on the incident: An attack on our database
- Victim
- Nosho
113,000 members affected by a cyberattack at La Mutuelle Familiale
Members of La Mutuelle Familiale are potentially affected by a computer intrusion discovered on March 17, 2026. In total, 113,000 members could be affected, according to…
- Victim
- La Mutuelle Familiale
Stryker Handala wiper attack (Iran-linked, 2026)
The Iranian state-linked group Handala compromised Stryker's Microsoft Intune administrator account and used the endpoint-management tool to wipe more than 200,000 servers, mobile devices, and corporate endpoints across 79 countries — bringing operations at one of the world's largest medical-device makers to a halt.
- Victim
- Stryker
Leak at Clinique du Millénaire (via Weda)
surname, first name; postal address; email address; phone number; health data
- Victim
- Clinique du Millénaire
Leak at Inovie Labosud
identity data medical data contact details social security and health insurance details
- Victim
- Inovie Labosud
Leak at Hôpital privé de la Loire
530,000 patients last name, first name date of birth gender postal address phone NIR insurance and administrative documents consultation results
- Victim
- Hôpital privé de la Loire
Leak at Cerballiance
surname, first name; date of birth; postal address; social security number; supplementary health insurance scheme, mutuelle fund, rights end date
- Victim
- Cerballiance
Yale New Haven Health data breach (2025)
Suspicious network activity at Yale New Haven Health led to the largest U.S. healthcare data breach of 2025: 5.5 million patients had names, contact details, dates of birth, medical record numbers, and Social Security numbers stolen. The health system later agreed to an $18 million class-action settlement.
- Victim
- Yale New Haven Health System
- Loss
- $18.0M
- Records
- 5.6M
Leak at Mutuelle des Motards
first and last name, email address, phone number, postal code
- Victim
- Mutuelle des Motards
Star Health insurance breach and senior-official extortion (India, 2024)
A hacker using the alias xenZen exposed personal and medical data on 31.2 million Star Health customers via Telegram bots, alongside 5.76 million claims records. The leak escalated into a public extortion drama implicating a senior Star Health official.
- Victim
- Star Health and Allied Insurance
- Loss
- $30.0M
- Records
- 31.2M
Change Healthcare ransomware (ALPHV/BlackCat)
ALPHV/BlackCat compromised Change Healthcare via Citrix portal lacking MFA, paralyzed U.S. prescription claims for weeks, and exfiltrated data on an estimated 100 million people.
- Victim
- Change Healthcare (UnitedHealth Group)
- Loss
- $2.87B
- Records
- 100.0M
23andMe credential-stuffing breach
Attackers used credentials reused from prior breaches to access 23andMe accounts, then leveraged the 'DNA Relatives' feature to scrape ancestry and genetic profile data on 6.9 million users from compromised relatives' connections.
- Victim
- 23andMe Holding Co.
- Loss
- $50.0M
- Records
- 6.9M
AIIMS Delhi ransomware
Ransomware encrypted the All India Institute of Medical Sciences in New Delhi — India's most prestigious public hospital — taking patient registration and clinical records offline for two weeks during peak winter patient load.
- Victim
- All India Institute of Medical Sciences (AIIMS) New Delhi
- Loss
- $15.0M
Medibank ransomware (REvil-affiliated)
Russian-speaking attackers exfiltrated full health-claim records on 9.7 million current and former Medibank customers, then released them in tranches on the dark web after the Australian insurer refused to pay.
- Victim
- Medibank Private
- Loss
- $250.0M
- Records
- 9.7M
Hillel Yaffe Medical Center DeepBlueMagic ransomware (Israel, 2021)
DeepBlueMagic ransomware — attributed by Israeli officials to a Chinese criminal group — hit Hillel Yaffe Medical Center in Hadera, becoming the first known successful ransomware attack on an Israeli healthcare entity. Recovery extended for months. Israeli authorities subsequently reported a wave of follow-on attempts against nine more hospitals.
- Victim
- Hillel Yaffe Medical Center
HSE Ireland ransomware (Conti)
Conti ransomware paralysed Ireland's Health Service Executive, forcing cancellation of outpatient appointments nationwide for weeks. Conti released the decryptor for free; recovery still cost an estimated €100M+.
- Victim
- Health Service Executive (HSE) of Ireland
- Loss
- $130.0M
- Records
- 700.0K
HSE Ireland Conti ransomware national healthcare shutdown (2021)
Conti operators tricked an HSE user into downloading a booby-trapped Excel attachment; the resulting ransomware forced the Health Service Executive to shut down all of Ireland's healthcare IT systems and exfiltrated 700 GB including COVID-19 vaccination PHI. Recovery cost exceeded €100 million.
- Victim
- Health Service Executive (HSE) of Ireland
- Loss
- $110.0M
Vastaamo psychotherapy data breach and patient extortion (Finland, 2020)
Records on approximately 33,000 patients of Finnish psychotherapy provider Vastaamo were stolen in 2018 from an unencrypted database with no root password. After failed company-extortion in October 2020, the attacker sent ransom demands to ~30,000 patients directly. Founder later acquitted; Aleksanteri Kivimäki convicted and sentenced to 6 years 3 months.
- Victim
- Vastaamo (Finnish psychotherapy centre)
- Loss
- $670.0K
- Records
- 33.0K
SingHealth data breach
Chinese state-attributed actors exfiltrated personal and outpatient medication records on 1.5 million SingHealth patients — including Prime Minister Lee Hsien Loong — in Singapore's most serious cyber incident.
- Victim
- Singapore Health Services (SingHealth)
- Loss
- $7.5M
- Records
- 1.5M
NotPetya destructive wiper
A destructive wiper disguised as ransomware, propagated via a compromised Ukrainian accounting software update. Estimated $10 billion in global damage — the most economically destructive cyberattack in history.
- Victim
- M.E.Doc users (Maersk, Merck, FedEx-TNT, Mondelez, Saint-Gobain et al.)
- Loss
- $10.00B
WannaCry ransomware worm
A North Korean ransomware worm that exploited the EternalBlue SMB vulnerability to spread to ~200,000 systems across 150 countries in 24 hours. Paralysed the U.K.'s NHS and crippled manufacturing globally.
- Victim
- ~200,000 organizations worldwide (UK NHS, Telefónica, Renault, Deutsche Bahn, Honda et al.)
- Loss
- $6.00B
Anthem Inc. data breach
Chinese state-attributed actors exfiltrated personal data on 78.8 million current and former Anthem health insurance customers — at the time the largest healthcare-sector breach in U.S. history.
- Victim
- Anthem Inc.
- Loss
- $260.0M
- Records
- 78.8M