Massive Data Breaches at Viamedis and Almerys Affect 33 Million in France: A Shocking Revelation

Imagine waking up one morning and discovering that your personal information, along with that of millions of others, has been compromised. This nightmare became a reality for over 33 million people in France when two healthcare payment service providers, Viamedis and Almerys, suffered massive data breaches.

Who are Viamedis and Almerys?

Operating in France, Viamedis and Almerys provide healthcare and insurance services by offering technological and administrative solutions to facilitate transactions. They manage the sensitive data of policyholders required for granting reimbursements and generally streamline the payment process in France’s complex, multi-layered insurance coverage system.

What happened during the data breaches?

Viamedis first disclosed the cybersecurity incident a week ago on LinkedIn, revealing that they suffered a data breach impacting beneficiaries and healthcare professionals. The exposed information includes names, dates of birth, insurer details, social security numbers, marital status, civil status, and guarantees open to third-party payment. Fortunately, no banking information, email addresses, postal details, or telephone numbers were exposed, as Viamedis stated it does not store this type of data on the breached systems.

While the company serves 20 million insured individuals through the 84 healthcare organizations that use its services, they have not disclosed how many of them were impacted by the incident. This is currently under investigation.

As for Almerys, the breach was initially reported by local news outlets citing anonymous sources, and the firm has yet to release an official statement on the incident.

France’s data protection authority, CNIL, has now confirmed both data breaches and says that the attacks impacted 33 million people in the country, making it one of the most significant cyberattacks in France’s recent history, affecting nearly half of its entire population.

What are the potential consequences for the affected individuals?

Although the exposed data does not include financial info, it is still enough to raise the risk of phishing scams, social engineering, identity theft, and insurance fraud for the exposed individuals. CNIL states that it will ensure that Viamedis and Almerys inform impacted persons directly and individually, as required by the General Data Protection Regulation (GDPR).

If you suspect you are among the impacted, it is advisable to keep a close eye on your accounts and treat incoming communications, especially solicitations concerning health insurance cost reimbursements, with suspicion. CNIL also warns that the data involved in the breach could be combined with other information from previous data leaks.

What happens next?

Finally, CNIL announced the launch of an investigation into this incident to determine what security measures were in place for the two companies and whether GDPR obligations were met.

Don’t let this happen to you

This unfortunate event serves as a reminder of the importance of cybersecurity and the need to protect our personal information. We, as IT Services, are here to help you ensure that your data remains secure. Contact us today and let us guide you through the process of safeguarding your information and preventing such incidents from occurring.

And remember, always stay vigilant and informed – it’s better to be safe than sorry. Keep coming back to learn more about the latest cybersecurity trends and information.