We review vendors based on rigorous testing and research but also take into account your feedback and our affiliate commission with providers. Some providers are owned by our parent company.
Learn more
vpnMentor was established in 2014 as an independent site reviewing VPN services and covering privacy-related stories. Today, our team of hundreds of cybersecurity researchers, writers, and editors continues to help readers fight for their online freedom in partnership with Kape Technologies PLC, which also owns the following products: ExpressVPN, CyberGhost, and Private Internet Access which may be ranked and reviewed on this website. The reviews published on vpnMentor are believed to be accurate as of the date of each article, and written according to our strict reviewing standards that prioritize the independent, professional and honest examination of the reviewer, taking into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings and reviews we publish may also take into consideration the common ownership mentioned above, and affiliate commissions we earn for purchases through links on our website. We do not review all VPN providers and information is believed to be accurate as of the date of each article.
Advertising Disclosure

vpnMentor was established in 2014 as an independent site reviewing VPN services and covering privacy-related stories. Today, our team of hundreds of cybersecurity researchers, writers, and editors continues to help readers fight for their online freedom in partnership with Kape Technologies PLC, which also owns the following products: ExpressVPN, CyberGhost, and Private Internet Access which may be ranked and reviewed on this website. The reviews published on vpnMentor are believed to be accurate as of the date of each article, and written according to our strict reviewing standards that prioritize the independent, professional and honest examination of the reviewer, taking into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings and reviews we publish may also take into consideration the common ownership mentioned above, and affiliate commissions we earn for purchases through links on our website. We do not review all VPN providers and information is believed to be accurate as of the date of each article.

33 Million French Citizens Hit by Healthcare Data Breach

33 Million French Citizens Hit by Healthcare Data Breach
Keira Waddell Published on 13th February 2024 Senior Writer

Over 33 million individuals in France — nearly half the country’s population — have had their personal data exposed. This breach targeted Viamedis and Almerys, two prominent service providers in the French healthcare and insurance sectors. The French data protection authority, the National Commission on Informatics and Liberty (CNIL), confirmed the magnitude of this breach last month.

Viamedis and Almerys are known for facilitating healthcare transactions and managing sensitive data required for insurance reimbursements within France’s healthcare system. Viamedis, which serves 20 million individuals through the 84 healthcare organizations that use its services, disclosed the incident on its LinkedIn page.

The origins of the Viamedis breach have been attributed to a sophisticated phishing attack that exploited healthcare professionals’ login credentials. Almerys has been less forthcoming about the specifics of their breach, though they have stated that the attackers gained access through a portal used by healthcare providers.

The data exposed in these breaches includes names, birthdates, Social Security numbers, marital status, civil statuses, insurer details, and guarantees related to third-party payments. However, financial information, medical records, contact details, and other sensitive data were not compromised, mitigating the potential for financial fraud but not eliminating the risk of identity theft or insurance fraud.

CNIL has urged the affected individuals to remain vigilant for signs of fraud and to be cautious of phishing attempts. The authority highlighted that the exposed data, while not including contact information directly, could be combined with other information from previous breaches to facilitate fraudulent activities.

Both companies have filed complaints with the public prosecutor, and CNIL has launched an investigation to assess compliance with the EU’s General Data Protection Regulation (GDPR). This investigation aims to determine whether adequate security measures were in place and whether GDPR obligations were met.

The sensitivity of the data handled in the healthcare industry makes it a prime target for cybercriminals. This incident adds to a series of cyber attacks affecting the sector.

As the investigation continues, the affected individuals and the broader public are reminded of the ever-present need for vigilance and the importance of robust cybersecurity measures in protecting personal digital data.

About the Author

Keira is an experienced cybersecurity and tech writer dedicated to providing comprehensive insights on VPNs, online privacy, and internet censorship.