Main German IT supplier Bitmarck hacked, hitting hundreds of thousands

German IT supplier Bitmarck said Sunday that it had been compelled to tug complete knowledge centres offline after a cyberattack, its second this yr, with the incident to have vital impression on Germany’s healthcare system.

Bitmarck gives IT providers for over 80 medical insurance corporations. Many have been left fully unable to contact Germany’s nationwide hub of digital medical providers, Gematik or misplaced all digital providers.

The corporate didn’t specify the character of the cyber incident, e.g. whether or not it had been hit by ransomware or pulled providers offline earlier than malicious payloads could possibly be activated after detecting a profitable intrusion.

Amongst these affected is SBK, one in all Germany’s largest well being insurers which has told its million-plus clients that its telephone, e-mail, and app have all been knocked offline because of the Bitmarck cyberattack.

Bitmarck mentioned that “there’ll proceed to be appreciable restrictions in day-to-day enterprise for the foreseeable future.. in some circumstances complete Bitmarck knowledge facilities have been taken offline, particular person providers could should be shut down once more and the restarting of particular person providers (could trigger)  non permanent service failures.”

It did say nonetheless that “in line with present info, there was no outflow of knowledge, neither at Bitmarck nor at clients or insured individuals… affected person knowledge was by no means endangered by the assault.”

The IT supplier in January 2023 noticed over 300,000 insurance coverage coverage holders’ knowledge stolen from its inside techniques, according to local site Heisewhich mentioned that attackers had gained entry to Bitmarck’s Jira/Confluence atmosphere –  and though the corporate had initially claimed that no policyholder knowledge had been stolen, names, dates of delivery, and insurance coverage card identification numbers have been all later discovered shared on the darkish net.

Stephan Chenette, CTO at AttackIQa breach and assault simulation service supplier, mentioned: “Organizations should research the widespread techniques, strategies, and procedures utilized by widespread menace actors, which can assist them construct extra resilient safety detection, prevention, and response applications mapped particularly to these recognized behaviors… with knowledge generated from steady testing, safety groups can concentrate on reaching key safety outcomes, modify safety controls, and work to raise whole safety program effectiveness.”

See additionally: Rackspace blames Microsoft over ransomware attack