Malware
Massive Data Breach at French Healthcare Firm Exposes Millions to Cyber Threats
French healthcare services provider Ramsay Générale de Santé suffered a data breach, potentially impacting millions of patients. The attackers stole 19,000 files, including sensitive information such as ID cards, social security numbers, and medical records. Protect your personal data with these 5 essential steps.
Recently, the French healthcare services firm Viamedis fell victim to a cyberattack that exposed sensitive data of policyholders and healthcare professionals in the country.
Although the company’s website is still down, they announced the breach on LinkedIn, letting people know about the incident.
Data exposed in the attack
The compromised data includes information like a beneficiary’s marital status, date of birth, social security number, name of health insurer, and guarantees open to third-party payments. Thankfully, no banking information, postal details, telephone numbers, or email addresses were stored on the breached systems.
As for healthcare professionals, Viamedis plans to send out notifications detailing the specific data that was exposed. They have already informed impacted health organizations, filed a complaint with the public prosecutor, and notified authorities (CNIL, ANSSI) of the situation. The company is still investigating the full impact of the cyberattack.
How many people were affected?
While Viamedis has not disclosed the exact number of exposed individuals, it’s important to note that the company manages payments for 84 healthcare organizations, covering 20 million insured individuals. The firm’s General Director, Christophe Cande, told Agence France-Presse (AFP) that an investigation is underway to determine the scope of the breach.
“To date, we do not have the number of insured individuals impacted; we are still in the process of investigation.” – Cande (GD Viamedis)
Cande also clarified that the cyberattack wasn’t a ransomware attack. Instead, it was a successful phishing attack on an employee, which allowed the threat actor to breach its systems.
Effects on Viamedis’ partners
One of the organizations working with Viamedis, Malakoff Humanis, has posted a notice on its website confirming the indirect impact of the Viamedis data breach. The company is also sending data breach notifications to impacted customers, informing them of the cyberattack and disruption of services.
Their message reiterates the information disclosed in the Viamedis notice and assures clients that no banking, medical, or contact details stored on the platforms have been compromised. Malakoff Humanis reports that access to user accounts and reimbursement claims is still available. However, the temporary disconnection of the Viamedis platform is expected to affect the provision of certain healthcare services.
Other service providers using Viamedis, such as Carte Blanche Partenaires, Itelis, Kalixia, Santéclair, and Audiens, are likely to experience similar situations.
Interestingly, local media in France reported that Viamedis wasn’t the only target of the cyberattack. Another company, called “Almerys,” which is also a payment processor for healthcare organizations, was also targeted.
Take action and protect yourself
This incident serves as a reminder of the importance of cybersecurity and the potential consequences of data breaches. Whether you’re an individual or a business, it’s crucial to take the necessary steps to protect your sensitive information from cyber threats.
If you’re concerned about your cybersecurity or want to learn more about how to safeguard your data, don’t hesitate to reach out to us. We’re here to help you stay informed and protect yourself from potential cyberattacks. Keep coming back to learn more and stay ahead of the curve in this ever-evolving digital landscape.