The Paris prosecutor’s office has opened an investigation after data was stolen from mutual health insurance companies.
The Paris prosecutor’s office has opened an investigation into cyberattacks on two third-party payment operators, Viamedis and Almeris, in what could be one of the biggest data leaks ever seen in France, he announced on Friday, February 9.
A prosecutor contacted by AFP said the investigation followed complaints from two service providers. According to the National Commission for Information Technology and Liberties (CNIL), more than 33 million French people have been affected by the attack.
“Relevant data, for policyholders and their families, is marital status, date of birth and social security number, name of health insurer as well as subscribed contract guarantee”The digital privacy police clarified in a press release on Wednesday, adding that banking and medical information and health reimbursement “will not be affected”.
Identity Theft
Affected French people are advised“Be careful about requests that(they can) receive, especially if they concern reimbursement of health expenses”But even that To check the activities and movements from time to time (his) Separate Accounts ». It is in fact “It is possible that the data that was the subject of the breach is linked to other information from previous data leaks”CNIL explained.
The attack was carried out by hijacking the identifiers and passwords of health professionals. Elmeri and Viamedis have not released any information to understand whether the attacks were intended solely to steal data, or whether they may have had other goals such as planting ransomware.
The alert was given on 1er February. Wymedis, which filed a complaint with the public prosecutor, indicated that it had disconnected its management platform upon detection of the intrusion, which did not prevent Social Security policyholders from taking advantage of third-party payments. Its general director, Christophe Kand, explained that it was not a ransomware attack but an infiltration of the platform. “Healthcare Professional’s Account Phished”He then declared.
Almeris, for its part, announced on Wednesday that its central information system was not affected by the cyber attack. Just the sound “A Portal Dedicated to Healthcare Professionals” was reached and closed, the company claimed.