Some companies that have chosen us

Privacy Officer and Privacy Consultant
CDP Scheme according to ISO/IEC 17024:2012
European Privacy Auditor
ISDP©10003 Certification Scheme according to ISO/IEC 17065:2012
According to standard UNI 11697:2017
Lead Auditor ISO/IEC 27001:2022
According to standard ISO/IEC 17024:2012
Data Protection Officer
According to standard ISO/IEC 17024:2012
Anti-Bribery Lead Auditor Expert
According to standard ISO/IEC 17024:2012
ICT Security Manager
According to standard UNI 11506:2017
IT Service Management (ITSM)
According to the ITIL Foundation
Ethical Hacker (CEH)
According to the EC-Council
Network Defender (CND)
According to the EC-Council
Computer Hacking Forensics Investigator (CHFI)
According to the EC-Council
Penetration Testing Professional (CPENT)
According to the EC-Council

Professional qualifications

Stay up-to-date with world news!

Select your topics of interest:


Home / News
FRENCH SUPERVISORY AUTHORITY: AP-HP health data leak – what to do if you are affected?

FRENCH SUPERVISORY AUTHORITY: AP-HP health data leak – what to do if you are affected?

The CNIL has been informed of the data leak from the Assistance Publique-Hôpitaux de Paris (AP-HP) concerning 1.4 million people tested against COVID-19 in mid-2020. The Authority reminds the persons concerned, who will be informed individually by the AP-HP, not to try to consult this file.

How to understand if you are affected?

Where a data breach is likely to pose a high risk to rights and freedoms, the responsible organizations are obliged to inform the persons concerned directly that their data has been compromised and published online.

If this data leak concerns you, the responsible organization (AP-HP) should have informed the person concerned.

The CNIL is not in a position to inform of the presence of data in this file.

Pay Attention: some websites indicate that they are in possession of the data and can tell you whether or not you are affected. The CNIL advises you not to use them.

Which data may be compromised?

The loss of data includes in particular the following information, compiled during the test:

  • first and last name
  • date of birth
  • gender; and
  • social security number;
  • postal address, e-mail address or telephone number;
  • the characteristics of the test used;
  • the result of the test.

This information, related to contact tracing, does not include other medical information.

What are the main risks

1. Phishing

Phishing consists of sending a fraudulent email or SMS that looks more realistic due to the use of data retrieved through the data leak (a so-called GP or Social Security email for example).

What to do in case of a suspicious message?

  • Do not open any attachments.
  • Do not reply to the message.
  • Do not look at the links and delete the message immediately.

2. Identity theft

If you think you may be a victim of identity theft as a result of disclosing information, you can:

  • visit cybermalveillance.gouv.fr to get advice on how to protect yourself from identity theft;
  • file a complaint as soon as possible with a police or gendarmerie station.

If the usurpation is confirmed, ask the CNIL to consult the bank account file (FICOBA) to find out whether any accounts have been opened in your name by the hacker.


Recommended to you

Advanced Research