Massive Data Breach in France: Internet pirates breached the data of two companies that administer payments for medical expenses, putting the personal information of 33 million individuals in the hands of con artists, according to the French privacy watchdog.
The organizations in charge of managing the tiers payant, or third-party payment systems, for a total of 147 top-up insurance providers, revealed the data compromise on February 2.
According to reports, targeted phishing attacks by pirates obtained access to the databases of both organizations.
The Commission nationale de l’informatique et des libertés (CNIL), France’s privacy authority, confirmed on February 7 that the data breaches affected 33 million people.
Social Security: A Crucial Pillar of UAE Economic System, says GPSSA
What data did the hackers gain access to?
In a statement, CNIL specified the following as being compromised:
- Appellations (“
- Civil standing
- The days of delivery
- Social Security identification numbers
- The identities of the victims’ insurance providers
- The insurance policy of the victims ensures
Nevertheless, the breach does not pertain to:
- Bank information
- The specifics of medical ailments
- The particulars of reimbursement
- A postal location
- Inbound telephone numbers
- Email addresses are used.
How can I determine whether or not my information has been compromised?
According to the CNIL statement, each individual impacted by the data compromise will receive communication “individually and directly” from their top-up providers.
A subset of top-up providers do not employ Viamedis and Almerys. Additional third-party payment systems run by SP Santé and Actil are unaffected.
However, some of the largest top-up suppliers, including Axa Health and AIG Vie Direct, do utilize these systems.
If my data has been compromised, what steps should I take?
Scammers may regrettably utilize the information in phishing attempts.
Scammers posing as banks or insurance companies and attempting to coerce victims into paying for unforeseen expenses, premiums, fines, or debts are one example.
Although the compromised data does not contain any contact information, it is possible that fraudsters could cross-reference the compromised data with data obtained from other sources.
CNIL recommends exercising vigilance, especially when contacted regarding health costs. Instead of responding to such messages or phone calls directly, use the contact information obtained from official sources to communicate with the organizations directly.
Additionally, CNIL advises individuals to monitor their bank accounts for any suspicious activity.
In light of the extensive magnitude of the data intrusion, the privacy watchdog further declared its intention to investigate to ascertain the adequacy of all implemented data protection measures.
Social Security to Provide $1,900 to Recipients on February 2
