Man charged with hack which shared COVID-19 test details in protest against vaccine pass • Graham Cluley

Man charged with hacking sharing COVID-19 test details in protest of vaccine passport

Police in France have arrested and charged a 22-year-old man with hacking into a “secure” file-sharing system used by a Parisian hospital association and stealing the COVID-19 test details from about 1.4 million people.

According to local media reports, the alleged hacker not only stole very sensitive information from the Assistance Publique-Hôpitaux de Paris (AP-HP), but also distributed the data as part of an anti-vaccine protest.

The French government requires individuals to carry a “vaccine passport” (known as a sanitary pass) if they want to enter cafes, bars, restaurants, museums, cinemas and access events.

Sign up for our newsletter
Safety news, advice and tips.

While many French people are happy to carry the passport (because they are not crazy), others have protested that being vaccinated against a potentially deadly virus that can infect others is a violation of their civil liberties.

Last month, AP-HP announced that it had suffered a data breach in which patients’ full names, dates of birth, gender, social security numbers, home addresses, email addresses, phone numbers and mid-2020 test results were distributed via the Mega file-sharing site .

The hack is said to have involved a “secure file sharing service” used by AP-HP in September 2020 to transfer information to other agencies to help with contact tracking. Things were clearly not quite as safe as one might have hoped.

Authorities believe the arrested man uploaded the stolen data to Mega. Although the stolen information was subsequently removed from the file-sharing site, it was too late to prevent others from distributing their own copies of the data.

Did you find this article interesting? Follow Graham Cluley on Twitter to read more of the exclusive content we post.

Graham Cluley is a veteran of the antivirus industry who has worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr. Solomon’s Anti-Virus Toolkit for Windows. Now an independent security analyst, he appears regularly in the media and is an international public speaker on the topic of data security, hackers and online privacy. Follow him on Twitter at @gcluleyor send him an email.

Leave a Comment