French healthcare services company Viamedis has fallen victim to a cyberattack that has compromised the data of policyholders and healthcare professionals within the country. While the Viamedis website remains offline, the company has issued a warning on LinkedIn regarding the breach. Information exposed in the attack includes sensitive details such as social security numbers and health insurer information, though Viamedis assures that banking and contact information was not stored on the breached systems.
In response to the breach, Viamedis has taken several actions, including informing impacted health organizations, filing a complaint with the public prosecutor, and notifying relevant authorities such as CNIL and ANSSI. Despite these measures, the full scope of the cyberattack remains unclear, with Viamedis currently conducting an investigation to assess the extent of the breach. The company’s General Director, Christophe Cande, has confirmed that the attack was not ransomware but instead resulted from a successful phishing attack on an employee, highlighting the evolving tactics employed by cybercriminals.
The repercussions of the cyberattack extend beyond Viamedis, as one of its partners, Malakoff Humanis, has also confirmed the indirect impact of the breach on its operations. While Viamedis works to address the breach and restore services, affected customers are being notified of the incident. Despite assurances from Malakoff Humanis that access to user accounts and reimbursement claims remains available, the temporary disconnection of the Viamedis platform is expected to disrupt certain healthcare services. Moreover, other service providers utilizing Viamedis, such as Carte Blanche Partenaires, Itelis, Kalixia, Santéclair, and Audiens, are likely to face similar challenges as a result of the cyberattack.
Reference:
