Europe 1 with AFP 7:57 p.m., February 7, 2024
The data of more than 33 million people was compromised during the cyberattack targeting the Viamedis and Almerys cyberattacks, which manage third-party payments for complementary health insurance, the CNIL announced on Wednesday.
“The data concerned are, for the insured and their family, the marital status, the date of birth and the social security number, the name of the health insurer as well as the guarantees of the contract subscribed,” specified in a press release the digital privacy watchdog, adding that banking information, medical data or health reimbursements “would not be affected”.
The CNIL, which will "conduct investigations very quickly" to verify whether the security measures of these operators were in compliance with their obligations, also calls on each of the complementary services using Viamedis and Almerys to inform "individually and directly" all of their policyholders affected by this data breach.
“A healthcare professional’s account was phished”
She warns that she will ensure this is done “as soon as possible”. At the beginning of February, Viamedis, which filed a complaint with the public prosecutor, indicated that it had disconnected its management platform upon discovery of the intrusion, which did not prevent social security policy holders from benefiting from third-party payment.
>> Find all the newspapers from the Europe 1 editorial team in replay and podcast here
Its general director, Christophe Candé, explained that it was not a ransomware attack but an intrusion into the platform. “The account of a healthcare professional was phished,” he then revealed.