Softway Medical Group has confirmed that a cyberattack compromised a MediBoard account used for managing electronic patient records at several French hospitals. The attack, which exposed sensitive health data from approximately 750,000 patients, was not due to any vulnerabilities in the MediBoard software itself. Instead, the breach occurred through stolen credentials from the hospital’s infrastructure, raising concerns about the security of access credentials and internal systems at healthcare facilities.
The MediBoard platform, widely used across Europe for electronic patient record management, was not the direct target of the cyberattack, according to Softway’s statement. While the software remains secure, the company stressed that the breach involved compromised privileged accounts within the hospital’s own infrastructure. The hospital was responsible for hosting the exposed data, not Softway Medical Group, who confirmed that their software had no direct involvement in the breach.
Despite this clarification, the incident highlights a growing concern within the healthcare sector about the security of electronic patient records. Healthcare providers using third-party platforms such as MediBoard are at risk if internal systems and access controls are not adequately secured. The breach underscores the need for hospitals to enhance their cybersecurity protocols, particularly in safeguarding sensitive patient information against malicious actors who can exploit stolen credentials.
As the investigation into the breach continues, Softway Medical Group has reassured the public that the company is actively working with the affected hospitals to contain the damage and prevent further incidents. Hospitals and software providers alike will likely face increasing scrutiny regarding their data protection measures as such attacks continue to target the healthcare sector. This incident serves as a critical reminder of the importance of securing both software platforms and the infrastructure that supports them.
Reference:
