A major violation.
“More than 33 million people” are affected by a data theft that affected Viamedis and Almerys, two third-party payment management companies, revealed the National Commission for Information Technology and Liberties (Cnil) this Wednesday, which announced that it was carrying out “investigations”.
The two operators, intermediaries between health professionals and complementary health insurance companies, were targeted by a computer attack at the end of January-beginning of February, carried out by the usurpation of health professionals' identifiers and passwords.
What data was hacked?
According to the CNIL, the data concerned are “marital status, date of birth, Social Security number, name of the health insurer and the guarantees of the contract subscribed” for the insured and their families.
On the other hand, “banking information, medical data, health reimbursements, postal details, telephone numbers”, as well as email addresses, would “not be affected” by this violation.
Read alsoCyberattacks: the business of data resold on the Dark Web
For health professionals, the situation is more critical.
According to a communication from Viamedis to the Federation of Pharmaceutical Unions of France (FSPF), which it details on its website, the hackers recovered the company name, email address, name, first name, address electronic or even the RIB, the and Siret number of certain pharmacists, hearing aid specialists or even opticians.
“The healthcare professionals concerned (including pharmacists) were the subject of targeted communication,” indicates the FSPF.
Viamedis, operating third-party payment for 84 supplementary health insurance organizations, reported 20 million customers potentially affected by this data leak.
A complaint was filed with the public prosecutor, he also indicated.
The CNIL having mentioned “more than 33 million people” concerned, we must think that at least 13 million customers are targeted at Almerys.
How do you know if you are affected?
On its website, the CNIL specifies that it “is not able” to tell users whether they are affected by this data breach.
It is up to the health insurance providers who use the Viamedis and Almerys operators to inform each of the victims, in accordance with the provisions of the general data protection regulation (GDPR).
Some companies have already started warning their customers.
Pacifica, the insurance branch of Crédit Agricole, published an information message on its website on February 2.
“As soon as Viamedis became aware of this act of violation, the platform was immediately disconnected,” she indicates.
Viasanté Mutuelle, from the AG2R La Mondiale group, also reassures.
“As soon as we became aware of this incident and as a precautionary measure, we immediately suspended the online creation of new accounts in our customer areas, strengthened our health expense reimbursement controls,” we can read on page d home of its website.
The CNIL must now ensure that customers affected by the data leak are notified as soon as possible.
To find out if your mutual insurance company is linked to the two service providers who were victims of the attack, you can consult the resopharma.fr website, then contact it directly.
What precautions should be taken ?
The CNIL advises you to remain vigilant, particularly regarding requests that may be received regarding reimbursements of health costs, and to regularly monitor movements on your various accounts.
You can also change your passwords as a precaution.
If the violation does not directly concern the contact data of the persons concerned, this information may be cross-referenced with other files from previous leaks.
Also read “I lost 19,000 euros”: BoursoBank customers victims of a fake IBAN scam
Information such as the social security number or the name of the insurer can also make phishing attempts by email or SMS credible.
A form of scam which aims to encourage a user to open a malicious file or to recover certain information, in particular bank details.
The CNIL reminds that reports are possible in the event of receipt of a suspicious email or SMS via “Signal Spam”, the Pharos platform, available on the government reporting site for illegal content, or by SMS to 33,700 for abusive text messages.