Read at BleepingComputer
Data breaches at French healthcare payment service providers Viamedis and Almerys have affected over 33 million people, according to the country's data protection authority (CNIL). Viamedis disclosed the breach one week ago, while Almerys has yet to release an official statement. The breaches exposed sensitive personal data of beneficiaries and healthcare professionals, including names, dates of birth, insurer details, social security numbers, marital status, civil status, and guarantees open to third-party payment. The breaches have raised concerns about data security within France's complex healthcare insurance system.
"These operators, who manage the third-party payment for supplementary health insurance, saw the data necessary for their missions compromised during this breach. In total, this data leak concerns more than 33 million people."
Viamedis and Almerys provide technological and administrative solutions to facilitate healthcare transactions in France, and they handle the sensitive data of policyholders required for granting reimbursements and streamlining payments. Viamedis serves 20 million insured individuals through the 84 healthcare organizations it partners with. While it has not disclosed the exact number of individuals affected by the breach, the investigation is ongoing. The breach on Almerys was reported by local news outlets and has been confirmed by CNIL, but the firm has not released an official statement regarding the incident. The data breaches highlight the need for robust data protection measures in the healthcare sector.
No banking information, email addresses, postal details, or telephone numbers were exposed, as Viamedis said it does not store this type of data on the breached systems.