Following the hacking of the Ameli platform, your medical data may now be found in the wild. In a press release, Assurance Maladie confirmed that it had been the victim of an attack compromising the personal information of 510,000 French people. The flaw has since been patched and the attackers’ IP addresses banned.
Because of the data it hosts, Health Insurance is regularly the target of hackers. However, like any platform, it contains security flaws that endanger the anonymity of the French. In 2019 in particular, a huge vulnerability had to be patched urgently to avoid the worst. But developers don’t always react in time and, sometimes, hackers manage to rush into the breach.
In a press release published this Thursday, March 17, the organization announces that it has undergone a large-scale attack on its Ameli platform. In total, these are approximately 510,000 French who have had their personal data compromised. To gain access to this information, the hackers took control of 19 professional accounts, the vast majority of which were pharmacists. Their usernames and passwords are currently circulating on the dark web.
On the same subject: Arret Maladie.fr – Health Insurance warns and will file a complaint against the site
Health Insurance has been the victim of a large-scale hack
To gain access to this data, hackers used robots that carried out “chain queries” on the Infopatient service, explains the Health Insurance. Once the door opened, they came across all the identity information of the people concerned, to see their surname, first name, date of birth, sex, but also their social security number or even the declarations of their attending physician and their complementary health plan.
“Contact details (email, address, telephone) and bank details, as well as data relating to any pathologies/diseases and the consumption of care, are not concerned”, specifies the health insurance. Detected at the end of last week, the flaw has since been repaired. Hacker IP addresses have also been banned and used professional accounts repaired.
Each of the French people affected by the hack will be contacted directly by health insurance, which also undertakes to remain vigilant regarding abnormal identifications on its Ameli platform. The organization will also strengthen its awareness campaigns against phishingalready in place for several years following the dissemination of numerous scams.
Source: Health Insurance