33m French citizens data stolen in healthcare billing breach The Register

Infosec In Brief Nearly half the citizens of France have had their data exposed in a massive security breach at two third-party healthcare payment servicers, the French data privacy watchdog disclosed last week.
Payments outfits Viamedis and Almerys both experienced breaches of their systems in late January, the National Commission on Informatics and Liberty revealed, leading to the theft of data belonging to more than 33 million customers.
Affected data on customers and their families includes dates of birth, marital status, social security numbers and insurance information.
No banking info, medical data or contact information was compromised, the CNIL added.
Padova believes the breach is the largest in France's history.
Viamedis was reportedly compromised through a phishing attack that targeted healthcare professionals, and used credentials stolen from such professionals to gain access to its systems.
Almerys didn't disclose how its compromise occurred, but it's possible the ingress was similar in nature - it admitted the attacker gained access through a portal used by healthcare providers.
The CNIL said that it's working with Viamedis and Almerys to ensure those affected are informed - as is required under the EU's General Data Protection Regulation - but it'll likely take some time to get the word out to nearly half the country.
In the meantime, French officials are warning that the stolen data could be combined with data from other breaches to be used in phishing attacks or social engineering schemes.
Networking biz Juniper reportedly leaked information about the devices its customers owned, according to a Krebs on Security report.
The source of the leak was Juniper's support portal, which was apparently found by a 17-year-old intern to allow searches on the name of any customer - and then to produce a list of devices they had acquired and registered with Juniper.
Cisco is warning of some serious cross-site request forgery vulnerabilities in its Expressway Series devices that could give an attacker the ability to perform arbitrary actions on compromised devices.
Patches are available, so get 'em installed on both Expressway-C and Expressway-E devices.
No more tricks: Canada wants to ban the Flipper Zero.
The Flipper is a cool piece of hardware that's able to do a lot of stuff - but anyone familiar with the miniscule device is probably already shaking their head at the idea that the device, with its sub-GHz antenna, can help crooks steal cars.
Most modern cars can't be cracked by the Flipper thanks to the use of rolling codes - supposing they're properly implemented, that is.
Florida man sentenced for dark web ID theft scheme while already in prison.
Currently serving 12 years in prison for bank fraud and aggravated identity theft in Florida, Dennis pled guilty this week to additional aggravated ID theft charges out of Georgia that appear related to his previous conviction.
Dennis was sentenced in Florida in 2022 for using fake IDs populated with real information to open bank accounts and take out fraudulent loans, in one case making off with $20k in cash using another person's identity.
Dennis didn't just buy and use stolen PII, though - he also crafted it into profiles to sell to other criminals, and offered guidance on how to use the dodgy dossiers to commit bank fraud.


This Cyber News was published on go.theregister.com. Publication date: Mon, 12 Feb 2024 08:13:03 +0000


Cyber News related to 33m French citizens data stolen in healthcare billing breach The Register

Cybersecurity in the Healthcare Industry: Protecting Patient Data - In the rapidly advancing era of technology, the healthcare industry faces a critical challenge: protecting patient data from cyber threats. This article will emphasize the significance of cybersecurity in the healthcare industry and explore the ...
9 months ago Securityzap.com
Why healthcare data is often the target of ransomware attacks - Healthcare data in recent years has been a very lucrative target for cyberattacks, particularly ransomware, with attackers holding healthcare information, and potentially patient lives, for ransom. Cybercriminals are increasingly focusing on ...
5 months ago Techtarget.com
Tech Security Year in Review - In this Tech Security Year in Review for 2023, let's look into the top data breaches of the past year. Each factor contributes to the growing threatscape, demanding a proactive and adaptable cybersecurity approach to safeguard your organization ...
10 months ago Securityboulevard.com
How to perform a proof of concept for automated discovery using Amazon Macie | AWS Security Blog - After reviewing the managed data identifiers provided by Macie and creating the custom data identifiers needed for your POC, it’s time to stage data sets that will help demonstrate the capabilities of these identifiers and better understand how ...
1 month ago Aws.amazon.com
Best Cloud Security Providers for Healthcare Services - Cloud Security Providers for Healthcare offer specialized services to protect data and applications hosted in cloud environments. When picking a cloud security providers for healthcare, it's important to think about things like how well they follow ...
9 months ago Cybersecuritynews.com
33m French citizens data stolen in healthcare billing breach The Register - Infosec In Brief Nearly half the citizens of France have had their data exposed in a massive security breach at two third-party healthcare payment servicers, the French data privacy watchdog disclosed last week. Payments outfits Viamedis and Almerys ...
8 months ago Go.theregister.com
The Imperative for Robust Security Design in the Health Industry - COMMENTARY. In an era dominated by digital innovation and technological advancements, healthcare companies find themselves at the intersection of immense opportunity and equally unprecedented risk. The digitalization of patient records, electronic ...
9 months ago Darkreading.com
Atlas Healthcare Confirms Data Breach Affecting Residents' Social Security Numbers - On October 14, 2023, Atlas Healthcare provided notice of a recent data breach after learning that an unauthorized actor was able to access the company's computer system. In this notice, Atlas explains that the incident resulted in an unauthorized ...
11 months ago Jdsupra.com
Data breach at French healthcare services firm puts millions at risk - French healthcare services firm Viamedis suffered a cyberattack that exposed the data of policyholders and healthcare professionals in the country. Though the company's website remains offline at the time of writing, an announcement was posted on ...
9 months ago Bleepingcomputer.com
Changing How Healthcare Works: Big News in Communication - In a pivotal transformation within the healthcare industry, a prominent shift is currently unfolding. Direct Secure Messaging has emerged as a game-changer, modernising the way vital information is shared among healthcare providers, pharmacies, and ...
8 months ago Cysecurity.news
Welltok Data Breach: 8.5M US Patients' Information Exposed - In a recent cybersecurity incident, Welltok, a leading healthcare Software as a Service provider, reported unauthorized access to its MOVEit Transfer server, affecting the personal information of approximately 8.5 million patients in the United ...
10 months ago Securityboulevard.com
Data Breach Response: A Step-by-Step Guide - In today's interconnected world, organizations must be prepared to respond swiftly and effectively in the face of a data breach. To navigate these challenges, a well-defined and comprehensive data breach response plan is essential. Let's explore the ...
9 months ago Securityzap.com
Cybersecurity Management Lessons from Healthcare Security Breaches - 2024 looks like it will only increase the number of affected individuals considering the scale of ransomware attacks from the first half of the year in the USA, Canada, and Australia. Unusual activity detected on May 8, 2024, caused Ascension ...
5 months ago Esecurityplanet.com
Norton Healthcare discloses data breach after May ransomware attack - Kentucky health system Norton Healthcare has confirmed that a ransomware attack in May exposed personal information belonging to patients, employees, and dependents. Norton Healthcare serves adult and pediatric patients in more than 40 clinics and ...
10 months ago Bleepingcomputer.com
Ransomware gang starts leaking alleged stolen Change Healthcare data - The RansomHub extortion gang has begun leaking what they claim is corporate and patient data stolen from United Health subsidiary Change Healthcare in what has been a long and convoluted extortion process for the company. In February, Change ...
6 months ago Bleepingcomputer.com
Transforming in the Age of Healthcare Digitalization - Healthcare and technology increasingly intersect in today's world, and cybersecurity has become a primary concern for many companies. The recent attack on Change Healthcare serves as a harsh reminder of the vulnerabilities facing the healthcare ...
4 months ago Cyberdefensemagazine.com
US govt probes if ransomware gang stole Change Healthcare data - The U.S. Department of Health and Human Services is investigating whether protected health information was stolen in a ransomware attack that hit UnitedHealthcare Group subsidiary Optum, which operates the Change Healthcare platform, in late ...
7 months ago Bleepingcomputer.com
Ransomware's appetite for US healthcare sees known attacks double in a year - Following the February 21 attack on Change Healthcare, scores of people in the US have been living with the brutal, real-world effects of ransomware. It has also created skyrocketing pharmacy bills, pushed some healthcare providers to the edge of ...
7 months ago Malwarebytes.com
Unveiling the true cost of healthcare cybersecurity incidents - As healthcare organizations increasingly rely on interconnected systems, electronic health records, and telemedicine, the industry becomes a prime target for malicious actors seeking to exploit vulnerabilities. The consequences of a cybersecurity ...
10 months ago Helpnetsecurity.com
Ticketmaster confirms massive breach after stolen data for sale online - Live Nation has confirmed that Ticketmaster suffered a data breach after its data was stolen from a third-party cloud database provider, which is believed to be Snowflake. While the breach has allegedly exposed the data of over 560 million ...
5 months ago Bleepingcomputer.com
French government recommends against using foreign chat apps - Prime Minister of France Élisabeth Borne signed a circular last week requesting all government employees to uninstall foreign communication apps such as Signal, WhatsApp, and Telegram by December 8, 2023, in favor of a French messaging app named ...
11 months ago Bleepingcomputer.com
Data breaches at Viamedis and Almerys impact 33 million in France - Data breaches at two French healthcare payment service providers, Viamedis and Almerys, have now been determined to impact over 33 million people in the country. Viamedis and Almerys provide healthcare and insurance services in France with ...
8 months ago Bleepingcomputer.com
French Gov. Leaks 43 Million People's Data - French public employment administration loses control of citizens' data after biggest breach in Gallic history. Hackers stole 20 years of personal data relating to job seekers from a French agency. The boss of France Travail, Alexandre Saubot, has a ...
7 months ago Securityboulevard.com
HHS to investigate UnitedHealth and ransomware attack on Change Healthcare - The U.S. Department of Health and Human Services is launching an investigation into the ransomware attack on Change Healthcare following weeks of disruption to healthcare and billing operations at hospitals, clinics and pharmacies across the country. ...
7 months ago Therecord.media
ASVEL basketball team confirms data breach after ransomware attack - French professional basketball team LDLC ASVEL has confirmed that data was stolen after the NoEscape ransomware gang claimed to have attacked the club. ASVEL is a French professional basketball team in Villeurbanne, Lyon, headed by former NBA star ...
11 months ago Bleepingcomputer.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)