More than 500,000 people are affected by the data hacking suffered by the Ameli site.
On March 17, the National Health Insurance Fund (Cnam) unveiled in a communicated to have been the victim of a hack occurred the previous week. “Unauthorized persons managed to connect to Amelipro accounts, reserved for healthcare professionals”, confided the site of the Health Insurance, Ameli. At the origin of this massive piracy, the connection by the “attackers” to the accounts of 19 healthcare professionals whose email addresses had been compromised. In all, these are 510,000 insured who are affected by this data leak.
“The attackers carried out ‘chain’ queries, with the use of a robot, of a service called ‘Infopatient’ giving access from social security numbers to certain administrative information of insured persons”, details the press release. The hacked information relating to the insured is: the identity data (surname, first name, date of birth, sex), social security number, data relating to rights (declaration of a treating doctor, allocation of complementary health insurance or state medical aid, possible 100% load). On the other hand, the contact details (email, address, telephone) and bank details, as well as the data relating to any pathologies/diseases and to the consumption of care, are not not affected by piracy.
Enhanced security
Since the attack, the IP addresses that caused it have been banned and the accounts of the professionals have been reset. Health professionals were invited to enhance security of their account. More than ever, identification anomalies are monitored. As for the 510,000 people whose data has been hacked, the organization has undertaken to contact individually each of them. L’Assurance Maladie said it filed a criminal complaint on March 17.