Ransomware Attack on ChipSoft Disrupts Operations Across 11 Dutch Hospitals
On April 7, a significant ransomware attack targeted ChipSoft, a Dutch software vendor, leading to widespread disruptions in healthcare operations across multiple institutions. The incident forced hospitals to sever connections to critical systems, underscoring the persistent threats that ransomware poses to the healthcare sector.
Z-CERT, the cybersecurity incident response team in the Netherlands, has confirmed its active involvement in addressing the situation. The organization is collaborating closely with ChipSoft, healthcare institutions, and other stakeholders to monitor the incident and provide essential support, including threat intelligence to affected entities.
ChipSoft Ransomware Incident Forces System Shutdowns
In response to the ransomware attack, ChipSoft disabled access to key platforms such as Zorgportaal, HiX Mobile, and the Zorgplatform as a precautionary measure. These systems remain temporarily offline as the company works to restore services in a phased manner. Users are being issued new login credentials as part of the recovery process, and ChipSoft has maintained direct communication with its customers to outline steps for managing disruptions during this period.
Reports indicate that 11 hospitals disconnected ChipSoft software from their networks following the attack. A confidential advisory also recommended that customers terminate secure VPN connections once the compromise was identified.
Hospitals Face Operational Challenges, Not Critical Disruptions
The ransomware incident has resulted in logistical challenges for healthcare institutions rather than critical failures in patient care. Hospitals have increased staffing at service desks, expanded telephony support, and relied more heavily on direct communication channels to mitigate the impact of the attack. Systems were reported unavailable at several hospitals, including Sint Jans Gasthuis, Laurentius Hospital, VieCuri Medical Center, and Flevo Hospital. Despite these disruptions, Z-CERT noted that no critical care processes have come to a standstill, suggesting that contingency plans and manual workflows are effectively maintaining essential medical services.
Investigation Ongoing, Attackers Yet to Be Identified
As of now, the source of the ChipSoft ransomware incident remains unidentified, and no ransomware group has claimed responsibility for the attack. Reports indicate that ChipSoft’s website was unreachable at the time of writing, suggesting ongoing technical or security challenges. The attack appears to have originated from a compromise within ChipSoft’s environment, prompting widespread defensive actions by its customers to limit further risk.
Ripple Effects Extend Beyond Immediate Disruptions
The ramifications of the ransomware incident extend beyond immediate system outages. Leiden University Medical Center (LUMC) announced that it has postponed the rollout of a new electronic patient record system supplied by ChipSoft following the breach. The hospital clarified that there are no indications that patient data has been leaked, reinforcing the assessment that the incident has not resulted in data exposure.
Healthcare Sector Remains a Prime Target
The ChipSoft ransomware incident highlights the ongoing threat facing healthcare organizations. Cybercriminals frequently target hospitals and medical software providers due to the critical nature of their services, where downtime can create immense pressure to restore systems quickly. A recent example includes the cyberattack on the University of Hawaiʻi Cancer Center, where a ransomware incident impacted research systems and exposed sensitive personal data collected over decades. While clinical operations were not affected, the breach underscored the long-term risks associated with storing large volumes of historical data.
Z-CERT Continues Support and Monitoring
Z-CERT remains central to managing the fallout from the ransomware incident. The organization is assisting healthcare institutions with prevention, detection, response, and recovery efforts while sharing updated threat intelligence. As restoration efforts progress, authorities and healthcare providers are focused on minimizing disruption and ensuring that patient care remains uninterrupted.
The ransomware incident serves as a stark reminder of how cyberattacks on third-party vendors can have cascading effects across critical sectors, reinforcing the urgent need for stronger resilience in healthcare cybersecurity systems.
Source: thecyberexpress.com
Keep reading for the latest cybersecurity developments, threat intelligence and breaking updates from across the Middle East.
