ChipSoft, a leading provider of healthcare systems in the Netherlands, has been struck by a ransomware attack, raising concerns about the security of patient data across the country. The company supplies critical systems to approximately 70 percent of Dutch hospitals, making this incident particularly significant. Z-Cert, the digital security center for healthcare, has issued a confidential alert to healthcare institutions, urging them to take precautionary measures.
The attack was confirmed by ChipSoft, which acknowledged a 'data incident' involving potential unauthorized access to their systems. Although the company has not confirmed whether patient data has been accessed or stolen, it is taking steps to mitigate any adverse effects. Hospitals using ChipSoft systems have been advised to disconnect their VPN connections and closely monitor their network traffic to prevent further compromise.
Despite the potential severity of the attack, several hospitals have reported that their systems remain unaffected and that patient data is secure. Institutions such as Rijnstate Hospital in Arnhem and Frisus MC in Heerenveen have assured the public that their data is safe and that there are no disruptions to their services. This suggests that the impact of the ransomware attack may be limited to certain areas or systems.
The primary concern revolves around patient portals, which connect patient records to the internet, allowing individuals to access their own data. The possibility of these portals being compromised poses a significant risk to patient privacy and data integrity. As investigations continue, the full scope of the attack and its implications for the healthcare sector remain uncertain.
In response to the attack, healthcare institutions are advised to remain vigilant, disconnect from ChipSoft's VPN, and monitor their systems for unusual activity. These steps are crucial in preventing further breaches and ensuring the continued security of sensitive patient information. As the situation develops, healthcare providers must stay informed and prepared to implement additional security measures if necessary.
Source: https://nltimes.nl/2026/04/08/ransomware-attack-company-manages-dutch-hospitals-patient-files