French healthcare providers agency Viamedis suffered a cyberattack that uncovered the info of policyholders and healthcare professionals within the nation.
Although the corporate’s web site stays offline on the time of writing, an announcement was posted on LinkedIn warning of the data breach.
The information uncovered within the assault features a beneficiary’s marital standing, date of start, social security quantity, title of well being insurer, and ensures open to third-party cost.
The corporate has clarified that the breached methods didn’t retailer folks’s banking data, postal particulars, phone numbers, and e mail addresses.
For healthcare professionals, Viamedis says they are going to be sending completely different notifications about what knowledge was uncovered.
Viamedis has knowledgeable impacted well being organizations, filed a criticism with the general public prosecutor, and notified the authorities (CNIL, ANSSI) accordingly. At present, the corporate continues to analyze the influence of the cyberattack.
Concerning the size of the breach, Viamedis has not acknowledged the variety of uncovered people, however it’s recognized that it manages funds for 84 healthcare organizations masking 20 million insured people.
The agency’s Common Director, Christophe Cande, advised Agence France-Presse (AFP) that an investigation is underway to find out the scope of the breach.
“Up to now, we wouldn’t have the variety of insured people impacted; we’re nonetheless within the technique of investigation.” – Cande (GD Viamedis)
Cande has additionally clarified that the cyberattack wasn’t ransomware. As an alternative, he mentioned a profitable phishing assault on an worker allowed the menace actor to breach its methods.
One of many organizations working with Viamedis, Malakoff Humanis, has posted a discover on its web site confirming the oblique influence of the Viamedis data breach.
The corporate can be sending data breach notifications to impacted clients to tell them of the cyberattack and disruption of providers.
Their message reiterates the knowledge disclosed within the Viamedis discover and assures purchasers that no banking, medical, or contact particulars saved on the platforms have been compromised.
Malakoff Humanis says entry to person accounts and reimbursement claims stays accessible. Nonetheless, the short-term disconnection of the Viamedis platform is predicted to have an effect on the availability of sure healthcare providers.
Different service suppliers utilizing Viamedis, together with Carte Blanche Partenaires, Itelis, Kalixia, Santéclair, and Audiens, are anticipated to expertise related conditions.
Native media in France reported that Viamedis wasn’t the one goal of the cyberattack. Reportedly, an organization named “Almerys,” which can be a cost processor for healthcare organizations, was additionally focused.
