The health insurance company Barmer and its policyholders have fallen victim to a hacker attack. An external service provider that handles Barmer's bonus program was the victim of an attack. Sensitive data, such as the bank details of Barmer customers, fell into the wrong hands. This data leak raises questions about the security of personal information and the protection of users.
The extent of the hacker attack is being investigated
Barmer drew attention to the hacker attack in mid-June with a brief press release. It was pointed out that the service provider had been hacked and that an investigation was currently underway to determine whether Barmer's own data had also been accessed. The service provider has since closed the security leak. Nevertheless, the incident has already had consequences for some policyholders.
Customers are informed about the data theft
According to reports from the tech magazine "Golem", Barmer is currently informing affected customers about the theft of their data. In the letters to policyholders, Barmer regrets the incident and apologizes for any inconvenience caused. It emphasizes that its own IT systems were not compromised. An external service provider that handles the bonus program was the target of the attack:
External service provider at the center of the attack
The hacker attack was aimed specifically at the external service provider that manages Barmer's bonus program. The company Majorel, with over 82,000 employees and more than 500 customers, was targeted by the attackers. Barmer emphasizes that its own IT systems were not affected. However, this raises questions about service provider management and controls when working with external partners.
Sensitive data falls into the wrong hands
Data theft is particularly worrying as it not only affects the first and last names of policyholders, but also sensitive information such as health insurance numbers, bank details and premium amounts. This personal data can be misused by criminals for various purposes, in particular for phishing attacks.
The danger of phishing attacks
The loss of such sensitive data can lead to an increased risk of phishing attacks. Criminals could try to use the stolen information to take over the accounts of the affected policyholders. In doing so, they may pretend to be the persons concerned and try to gain access to their financial information or other personal data. Barmer therefore warns those affected of this danger and emphasizes that it cannot be ruled out that the leaked data will be used on the Internet.
Conclusion: protecting personal data remains a challenge
The recent cyberattack on Barmer's service provider and the theft of sensitive data from insured persons once again highlights the challenges that companies and users face with regard to the protection of personal data. It is crucial that companies take appropriate security precautions, especially in the area of managing and controlling service providers, to prevent such attacks and ensure the security of their customers' data.
