Viamedis, a French healthcare services provider, suffered a cyberattack that exposed the private data of policyholders and medical professionals in the country.
Though the company's website is currently not accessible, an announcement concerning the data breach has been posted on LinkedIn.
The data revealed in the hack includes a beneficiary's marital status, date of birth, social security number, health insurer's name, and guarantees that can be paid by third parties.
The firm has clarified that the compromised systems did not contain people's banking details, postal addresses, phone numbers, or emails.
Viamedis states that different alerts on the data that was exposed will be sent to healthcare professionals.
In light of this, Viamedis has contacted the relevant authorities (CNIL, ANSSI), impacted health organisations, and the public prosecutor via complaint. The business is still looking into the implications of the breach.
Since Viamedis oversees payments for 84 healthcare organisations that serve 20 million insured people, it is evident that the hack has a considerable impact. However, the exact number of individuals impacted has not been disclosed.
An investigation is being launched to determine the extent of the breach, according to Agence France-Presse (AFP) and the company's general director, Christophe Cande.
"To date, we do not have the number of insured individuals impacted; we are still in the process of investigation." - GD Viamedis' Cande.
Additionally, Cande stated that ransomware wasn't employed in the cyberattack. Instead, he claimed that the threat actor gained access to its systems through a phishing attempt that was successful against an employee.
A warning confirming the indirect impact of the Viamedis data breach has been posted on the website of Malakoff Humanis, one of the organisations that works with Viamedis.
Malakoff Humanis, one of the organisations associated with Viamedis, has put a notification on its website confirming the indirect effects of the data breach.
In addition, the company is notifying affected consumers of the hack and service disruption through data breach notifications.
The statement reiterates the information mentioned in the Viamedis notification and informs customers that no banking, medical, or contact information saved on the platforms has been compromised.
According to Malakoff Humanis, users can still access their accounts and submit reimbursement claims. However, the temporary disconnection of the Viamedis platform is expected to disrupt the delivery of certain healthcare services.
Similar circumstances are foreseen for other Viamedis service providers, such as Carte Blanche Partenaires, Itelis, Kalixia, Santéclair, and Audiens.
