Company Details
assurance-maladie
23,361
196,417
92
ameli.fr
0
ASS_1619018
In-progress

Assurance Maladie Company CyberSecurity Posture
ameli.frTravailler à l’Assurance Maladie, c’est donner une nouvelle dimension à votre métier et agir au quotidien pour la protection de notre système de santé. Participez à une grande diversité de projets dans un cadre bienveillant et soyez fier de contribuer à une mission essentielle : agir ensemble, protéger chacun. Depuis près de 80 ans, l'Assurance Maladie joue un rôle majeur au service de la solidarité nationale. Nous sommes convaincus que la clé de la pérennité du système de santé relève d'une responsabilité collective et réside dans l'implication forte de chacun de ses acteurs. Au sein de ce système, l'Assurance Maladie assume une triple mission : ⏺️ garantir un accès universel aux droits et permettre l'accès aux soins ⏺️ accompagner chacun dans la préservation de sa santé ⏺️ améliorer l'efficacité du système Toutes ses missions, l’Assurance Maladie les mène avec le souci d’assurer la meilleure qualité de service. Elle s’appuie pour cela sur un réseau de proximité qui couvre l’ensemble du territoire et l’engagement de plus de 80 000 collaborateurs qui agissent jour après jour à l’échelle départementale, régionale et nationale. Ensemble, au quotidien, ils font vivre ses valeurs d’universalité, de solidarité, de responsabilité et d’innovation.
Company Details
assurance-maladie
23,361
196,417
92
ameli.fr
0
ASS_1619018
In-progress
Between 750 and 799

Assurance Maladie Global Score (TPRM)XXXX

Description: The accounts of healthcare staff of insurance body l’Assurance Maladie were hacked in a data security incident and had compromised the health data of more than half a million people in France. The compromised data included the names, surnames, date of birth, social security numbers, GP details, and levels of reimbursement for at least 510,000 people. Around19 accounts, mainly belonging to pharmacists, were affected after their email addresses were compromised.
Description: The accounts of 19 healthcare staff of France’s Caisse Nationale d’assurance Maladie (Cnam) health insurance body were hacked leaking the sensitive information of its patients. The personal information of about 510,000 people including names, surnames, date of birth, social security numbers, GP details, and levels of reimbursement was accessed by the attackers. The health care upon learning about the incident immediately filed a complaint and notified the affected individuals.


No incidents recorded for Assurance Maladie in 2025.
No incidents recorded for Assurance Maladie in 2025.
No incidents recorded for Assurance Maladie in 2025.
Assurance Maladie cyber incidents detection timeline including parent company and subsidiaries

Travailler à l’Assurance Maladie, c’est donner une nouvelle dimension à votre métier et agir au quotidien pour la protection de notre système de santé. Participez à une grande diversité de projets dans un cadre bienveillant et soyez fier de contribuer à une mission essentielle : agir ensemble, protéger chacun. Depuis près de 80 ans, l'Assurance Maladie joue un rôle majeur au service de la solidarité nationale. Nous sommes convaincus que la clé de la pérennité du système de santé relève d'une responsabilité collective et réside dans l'implication forte de chacun de ses acteurs. Au sein de ce système, l'Assurance Maladie assume une triple mission : ⏺️ garantir un accès universel aux droits et permettre l'accès aux soins ⏺️ accompagner chacun dans la préservation de sa santé ⏺️ améliorer l'efficacité du système Toutes ses missions, l’Assurance Maladie les mène avec le souci d’assurer la meilleure qualité de service. Elle s’appuie pour cela sur un réseau de proximité qui couvre l’ensemble du territoire et l’engagement de plus de 80 000 collaborateurs qui agissent jour après jour à l’échelle départementale, régionale et nationale. Ensemble, au quotidien, ils font vivre ses valeurs d’universalité, de solidarité, de responsabilité et d’innovation.


Its main functions are to: collect and administer all national taxes, duties and levies; collect revenue that may be imposed under any other legislation, as agreed on between SARS and an organ of state or institution entitled to the revenue; provide protection against the illegal importation

Work With Purpose. Shape Seattle. Inspire the World. Seattle is more than a world-class city — it’s a vibrant, evolving community rooted in shared values of sustainability, innovation, and inclusion. As a public employer, the City of Seattle is committed to building a city that works for everyone —

Social Security provides financial protection for our nation’s people, supporting more than 64 million individuals and families. With retirement, disability, and survivors benefits, Social Security is one of the most successful anti-poverty programs in our nation's history. We are there throughout

Der Arbeitgeber Niedersachsen vereint über 2000 Dienststellen mit einem gemeinsamen Ziel: Wir gestalten das Leben in Niedersachsen verantwortungsvoll und zukunftsorientiert. Als der größte Arbeitgeber im Land Niedersachsen bieten wir sichere Arbeitsplätze, sinnstiftende Aufgaben und vielfältige Ei

At the Home Office, we help to ensure that the country is safe and secure. We’ve been looking after UK citizens since 1782. We are responsible for: - working on the problems caused by illegal drug use - shaping the alcohol strategy, policy and licensing conditions - keeping the United Kingdom safe

Københavns Kommune er Danmarks største arbejdsplads med ca. 45.000 medarbejdere. Vi udvikler hovedstaden og servicerer over 500.000 københavnere. Vores mål er at fastholde og udvikle København som en af verdens bedste byer at bo i – og skabe øget vækst gennem viden, innovation og beskæftigelse. Fi

We are the largest and most diverse organisation in our state. We have more than 90 government departments and organisations providing essential services across 4000+ locations—from the Torres Strait to the Gold Coast; Mount Isa to Brisbane. We are passionate about making Queensland better through

MISIÓN/PROPÓSITO: La SEP tiene como propósito esencial crear condiciones que permitan asegurar el acceso de todas las mexicanas y mexicanos a una educación de calidad, en el nivel y modalidad que la requieran y en el lugar donde la demanden. VISIÓN: En el año 2025, México cuenta con un sistema

Bli en samhällsbyggare – jobba i Malmö stad! Genom att arbeta i Malmö stad får du möjlighet att arbeta med hållbar samhällsutveckling. Som en samhällsbyggare spelar du en viktig roll i Malmös utveckling och därför ser vi oss som framtidens arbetsplats. Människors lika värde är en förutsättning fö
.png)
The average cost of a data breach in Canada is $6.75 million per incident in 2021. That's up almost half a million from 2020. With each new year,...
Every year on August 8, Ukraine celebrates the Day of Communications Troops. These units are an important part of the Armed Forces of Ukraine.
This week, the NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE) held its 30th Steering Committee. With a unanimous vote, the 27 Sponsoring...

Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
The official website of Assurance Maladie is https://assurance-maladie.ameli.fr/qui-sommes-nous.
According to Rankiteo, Assurance Maladie’s AI-generated cybersecurity score is 752, reflecting their Fair security posture.
According to Rankiteo, Assurance Maladie currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
According to Rankiteo, Assurance Maladie is not certified under SOC 2 Type 1.
According to Rankiteo, Assurance Maladie does not hold a SOC 2 Type 2 certification.
According to Rankiteo, Assurance Maladie is not listed as GDPR compliant.
According to Rankiteo, Assurance Maladie does not currently maintain PCI DSS compliance.
According to Rankiteo, Assurance Maladie is not compliant with HIPAA regulations.
According to Rankiteo,Assurance Maladie is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Assurance Maladie operates primarily in the Government Administration industry.
Assurance Maladie employs approximately 23,361 people worldwide.
Assurance Maladie presently has no subsidiaries across any sectors.
Assurance Maladie’s official LinkedIn profile has approximately 196,417 followers.
Assurance Maladie is classified under the NAICS code 92, which corresponds to Public Administration.
No, Assurance Maladie does not have a profile on Crunchbase.
Yes, Assurance Maladie maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/assurance-maladie.
As of December 19, 2025, Rankiteo reports that Assurance Maladie has experienced 2 cybersecurity incidents.
Assurance Maladie has an estimated 11,751 peer or competitor companies worldwide.
Incident Types: The types of cybersecurity incidents that have occurred include Breach.
Detection and Response: The company detects and responds to cybersecurity incidents through an communication strategy with filed a complaint, communication strategy with notified the affected individuals..
Title: Data Security Incident at l’Assurance Maladie
Description: The accounts of healthcare staff of insurance body l’Assurance Maladie were hacked in a data security incident and had compromised the health data of more than half a million people in France.
Type: Data Breach
Attack Vector: Email Compromise
Title: Data Breach at Caisse Nationale d’assurance Maladie (Cnam)
Description: The accounts of 19 healthcare staff of France’s Caisse Nationale d’assurance Maladie (Cnam) health insurance body were hacked leaking the sensitive information of its patients. The personal information of about 510,000 people including names, surnames, date of birth, social security numbers, GP details, and levels of reimbursement was accessed by the attackers. The health care upon learning about the incident immediately filed a complaint and notified the affected individuals.
Type: Data Breach
Attack Vector: Account Hacking
Common Attack Types: The most common types of attacks the company has faced is Breach.
Identification of Attack Vectors: The company identifies the attack vectors used in incidents through Email Compromise.

Data Compromised: Names, Surnames, Date of birth, Social security numbers, Gp details, Levels of reimbursement

Data Compromised: Names, Surnames, Date of birth, Social security numbers, Gp details, Levels of reimbursement
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Personal Information, Health Data, , Names, Surnames, Date Of Birth, Social Security Numbers, Gp Details, Levels Of Reimbursement and .

Entity Name: l’Assurance Maladie
Entity Type: Insurance Body
Industry: Healthcare
Location: France
Customers Affected: 510,000 people

Entity Name: Caisse Nationale d’assurance Maladie (Cnam)
Entity Type: Health Insurance Body
Industry: Healthcare
Location: France
Customers Affected: 510000

Communication Strategy: filed a complaintnotified the affected individuals

Type of Data Compromised: Personal information, Health data
Number of Records Exposed: 510,000
Sensitivity of Data: High
Personally Identifiable Information: namessurnamesdate of birthsocial security numbersGP detailslevels of reimbursement

Type of Data Compromised: Names, Surnames, Date of birth, Social security numbers, Gp details, Levels of reimbursement
Number of Records Exposed: 510000
Sensitivity of Data: High
Communication of Investigation Status: The company communicates the status of incident investigations to stakeholders through Filed A Complaint and Notified The Affected Individuals.

Entry Point: Email Compromise
Most Significant Data Compromised: The most significant data compromised in an incident were names, surnames, date of birth, social security numbers, GP details, levels of reimbursement, , names, surnames, date of birth, social security numbers, GP details, levels of reimbursement and .
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were date of birth, surnames, social security numbers, GP details, names and levels of reimbursement.
Number of Records Exposed in Most Significant Breach: The number of records exposed in the most significant breach was 510.5K.
Most Recent Entry Point: The most recent entry point used by an initial access broker was an Email Compromise.
.png)
Improper Authorization (CWE-285) in Kibana can lead to privilege escalation (CAPEC-233) by allowing an authenticated user to bypass intended permission restrictions via a crafted HTTP request. This allows an attacker who lacks the live queries - read permission to successfully retrieve the list of live queries.
Weblate is a web based localization tool. In versions prior to 5.15.1, it was possible to overwrite Git configuration remotely and override some of its behavior. Version 5.15.1 fixes the issue.
Allocation of Resources Without Limits or Throttling (CWE-770) in Elasticsearch can allow an authenticated user with snapshot restore privileges to cause Excessive Allocation (CAPEC-130) of memory and a denial of service (DoS) via crafted HTTP request.
Allocation of Resources Without Limits or Throttling (CWE-770) in Kibana can allow a low-privileged authenticated user to cause Excessive Allocation (CAPEC-130) of computing resources and a denial of service (DoS) of the Kibana process via a crafted HTTP request.
Improper neutralization of input during web page generation ('Cross-site Scripting') (CWE-79) allows an unauthenticated user to embed a malicious script in content that will be served to web browsers causing cross-site scripting (XSS) (CAPEC-63) via a vulnerability a function handler in the Vega AST evaluator.

Get company history
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.