French healthcare providers agency Viamedis suffered a cyberattack that uncovered the information of policyholders and healthcare professionals within the nation.
Although the corporate’s web site stays offline on the time of writing, an announcement was posted on LinkedIn warning of the information breach.
The info uncovered within the assault features a beneficiary’s marital standing, date of delivery, social safety quantity, identify of well being insurer, and ensures open to third-party fee.
The corporate has clarified that the breached techniques didn’t retailer folks’s banking data, postal particulars, phone numbers, and e mail addresses.
For healthcare professionals, Viamedis says they are going to be sending completely different notifications about what information was uncovered.
Viamedis has knowledgeable impacted well being organizations, filed a criticism with the general public prosecutor, and notified the authorities (CNIL, ANSSI) accordingly. Presently, the corporate continues to research the influence of the cyberattack.
Concerning the dimensions of the breach, Viamedis has not said the variety of uncovered people, however it’s identified that it manages funds for 84 healthcare organizations overlaying 20 million insured people.
The agency’s Normal Director, Christophe Cande, informed Agence France-Presse (AFP) that an investigation is underway to find out the scope of the breach.
“So far, we should not have the variety of insured people impacted; we’re nonetheless within the technique of investigation.” – Cande (GD Viamedis)
Cande has additionally clarified that the cyberattack wasn’t ransomware. As a substitute, he stated a profitable phishing assault on an worker allowed the risk actor to breach its techniques.
One of many organizations working with Viamedis, Malakoff Humanis, has posted a discover on its web site confirming the oblique influence of the Viamedis information breach.
The corporate can also be sending information breach notifications to impacted prospects to tell them of the cyberattack and disruption of providers.
Their message reiterates the data disclosed within the Viamedis discover and assures shoppers that no banking, medical, or contact particulars saved on the platforms have been compromised.
Malakoff Humanis says entry to person accounts and reimbursement claims stays obtainable. Nonetheless, the non permanent disconnection of the Viamedis platform is anticipated to have an effect on the availability of sure healthcare providers.
Different service suppliers utilizing Viamedis, together with Carte Blanche Partenaires, Itelis, Kalixia, Santéclair, and Audiens, are anticipated to expertise comparable conditions.
Native media in France reported that Viamedis wasn’t the one goal of the cyberattack. Reportedly, an organization named “Almerys,” which can also be a fee processor for healthcare organizations, was additionally focused.
