Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label privacy watchdog. Show all posts

Privacy Watchdog Issues Warning

 

Information about over 33 million individuals in France, roughly half of the nation's population, was compromised in a cyber assault after January, as per statements from the country's data protection authority.
The Commission Nationale Informatique et Libertés (CNIL) disclosed this development recently after being notified by two healthcare insurance firms, Viamedis and Almerys.

The agency cautioned that the breached data, impacting policyholders and their families, encompasses details such as "marital status, date of birth, social security number, the name of the health insurer, as well as the guarantees of the contract."

Thankfully, unlike the situation involving Australian health insurer Medibank, sensitive medical records and treatment histories were not accessed.

CNIL emphasized that the responsibility lies with the health insurance firms to inform the affected parties. However, individuals are advised to remain vigilant against potential phishing schemes aiming to defraud them.

While the contact information of policyholders remained untouched, CNIL highlighted the possibility of combining the breached data with other previously compromised information for further malicious activities.

In light of the magnitude of the breach, CNIL swiftly initiated investigations to assess the adequacy of security measures implemented both before and after the incident, in alignment with GDPR obligations.

Failure of the implicated companies to adhere to cybersecurity protocols mandated by the EU's GDPR could result in penalties of up to €20 million or 4% of their global revenue, whichever is greater.

The ransomware attack on Medibank stirred considerable distress in Australia when the perpetrators began disclosing sensitive healthcare claims data for approximately 480,000 individuals, including details on drug addiction treatments and abortions, for extortion purposes.

Last month, Australia, the United Kingdom, and the United States publicly attributed the attack to Russian hacker Aleksandr Ermakov, imposing financial sanctions and travel restrictions on him.