The response is organized following the leak of a health data file containing the information of 500,000 French people: in a press release, the CNIL announces that it has seized French justice in order to request the blocking of a file host. of stolen data. The court rendered its decision yesterday and asked the four operators Free, Orange, Bouygues and SFR, to block access to this file without delay and for a period limited to 18 months.
This file was uploaded and distributed through a free host, and then the link was shared on a forum used to distribute stolen data. According to the blocking order issued by the court and relayed by NextInpact, the court chose to request the blocking of the hosting service rather than the only URL redirecting to the file. The ISPs concerned have indeed made it known that they were legally unable to block a specific URL, but that it was possible to block the domain name of the host.
The service in question uses a domain name corresponding to that of the island of Guernsey (.gg) and uses the services of Cloudflare for its distribution. The CNIL indicated that Cloudflare had not responded to its requests concerning the blocking of access to this file. The Commission adds that it has carried out three checks in the context of this data leak and has taken measures to ensure that the laboratories concerned by the data leak alert the patients affected by the leak. She took the opportunity to advise Internet users not to rely on third-party services which offer to know if their data was found in the file in question.
The file appeared online in February, following a disagreement between the seller of the file and one of its buyers. The file was first reported by Zataz, before being put forward by an article in Liberation on the leak. The dissemination of this file, whose data comes from an apparent security breach that affected more than 28 French laboratories, also gave rise to the opening of an investigation by section J3 of the Paris court, specialized. Cédric O had indicated that Anssi had been investigating this data breach since November, long before it was released on the web in open access. The CNIL announces for its part that it is continuing its investigations, “in particular to verify that the appropriate technical measures have been taken to secure the data processed by the various actors involved” according to its press release.