Overview
- The company detected and contained an intrusion on November 28 that exposed personal and health data on its teleconsultation platform.
- Notifications went to roughly 285,000 users whose account information may have been compromised.
- Hackers using the name Dumpsec have claimed a larger trove—up to 320,000 patient records—through an intermediary, a claim under investigation.
- Shared samples reportedly include names, Social Security numbers, treating physicians, and traces of consultation history or treatment dosages.
- MédecinDirect filed a criminal complaint, says it notified the CNIL, warned of phishing and identity-theft risks, and maintains video calls and exchanged documents were not affected.