This was announced by the company Viamedis, which manages third-party payments for 84 supplementary health insurance policies or 20 million social insured persons, on Thursday 1stum February was the victim of a cyberattack that leaked data to intruders the social security provider.
The personal data potentially affected is sensitive. It is “Civil status, [la] Birth date, [le] social security number, [le] Name of your health insurance and [les] Guarantees open to third-party payers,” the company said in a press release. “ Neither bank details, postal details, telephone number, nor email are affected by this malicious act.”however, she clarified.
The general director of Viamedis, Christophe Candé, told Agence France-Presse that he did not yet know how many social security recipients would have been able to view the data. The company was “ still under investigation » Thursday in the middle of the day, according to the general manager.
Armed with this type of data, hackers can design phishing emails very credibly impersonating healthcare organizations or banks.
Complete disconnection from the platform
After the breach was discovered, Viamedis shut down its management platform. This separation does not prevent social insured persons from claiming benefits from third parties: “Beneficiaries can continue to use their Carte Vitale and third-party payment card and temporarily block them [la] The platform will only impact certain healthcare professionals, particularly opticians and audiologists.” Viamedis said in its press release.
Christophe Candé clarified that it was not a ransomware attack, but rather an intervention in the platform. “The account of a medical professional was faked”he explained without elaborating.
A report was filed with the public prosecutor’s office, according to the press release. Accordingly, a report was made to the National Commission for Information Technology and Freedoms, which is mandatory in the event of a personal data breach, as well as a report to the National Agency for Information Systems Security, as is usual in the event of a computer attack, source.
