2024-02-02 17:39:59
The company Viamedis, which manages third-party payment for 84 supplementary health insurance companies, or 20 million people with social insurance, announced on Thursday February 1 that it had been the victim of a cyberattack which exposed data to intruders. of social security holders.
The personal data potentially concerned are sensitive. It is “civil status, [la] date of birth, [le] social Security number, [le] name of their health insurer and [les] guarantees open to third party payers”, the company explained in a press release. “ Neither banking information, nor postal details, nor telephone number, nor e-mail are affected by this malicious act”she however clarified.
The general director of Viamedis, Christophe Candé, announced to Agence France-Presse that he did not yet know the number of social security beneficiaries whose data might have been seen. The company was “ still under investigation » Thursday in the middle of the day, according to its general director.
Equipped with this type of data, hackers can design phishing emails, very credibly posing as health organizations or banks.
Total disconnection from the platform
Upon discovery of the intrusion, Viamedis disconnected its management platform. This disconnection does not prevent socially insured persons from benefiting from third-party payment: “Beneficiaries will be able to continue to use their Carte Vitale and their third-party payment card, and the temporary disconnection of [la] platform will only have an impact for certain health professionals, in particular opticians and hearing aid specialists” said Viamedis in its press release.
Christophe Candé clarified that it was not a ransomware attack, but an intrusion into the platform. “A healthcare professional’s account was phished”he explained without further details.
Read also: Article reserved for our subscribers Behind ransomware attacks, a criminal ecosystem continues to flourish
A complaint was filed with the public prosecutor, according to the press release. A notification to the National Commission for Information Technology and Liberties, mandatory in the event of a personal data breach, as well as a declaration to the National Information Systems Security Agency, customary during a computer attack, have been carried out, according to the same source.
1707030352
#data #belonging #million #social #security #holders #threatened #Viamedis #hack
