This is data that could make it possible to set up even more credible hacking attempts.
The company Viamedis, which manages third-party payment for 84 supplementary health insurance companies, or 20 million social security policyholders, announced on Thursday that it had been the victim of a cyberattack which exposed “limited” social security policyholder data to intruders.
According to its press release, “the personal data exposed is limited and is as follows: marital status, date of birth and social security number, name of their health insurer and guarantees open to third-party payers”.
“Neither banking information, nor postal details, nor telephone number, nor email are affected by this malicious act,” she indicated.
Also readPhishing, smishing, scams and hacking: cybercrime has exploded
The general director of Viamedis Christophe Candé indicated that he did not yet know the number of social security beneficiaries whose data could be seen.
“To date, we do not have the number” of policyholders “impacted”, “we are still under investigation”, he indicated.
Third-party payment still possible
Upon discovery of the intrusion, Viamedis disconnected its management platform.
This disconnection does not prevent socially insured persons from benefiting from third-party payment.
“Beneficiaries will be able to continue to use their vital card and their third-party payment card, and the temporary disconnection of the platform will only have an impact for certain health professionals, in particular opticians and hearing aid specialists,” indicated Viamedis in its press release.
Christophe Candé clarified that it was not a ransomware attack, but an intrusion into the platform.
“A healthcare professional’s account was phished,” he said.
A complaint was filed with the public prosecutor, according to the press release.
“A notification and a declaration to the competent authorities were made (Cnil, ANSSI)”, according to the same source