A ransomware attack targeting ChipSoft, a Dutch provider of electronic patient record software, has forced hospitals across the Netherlands to disconnect parts of their systems as a precaution, according to reports and official warnings.
ChipSoft, whose software is widely used in the Dutch healthcare system, confirmed that it experienced a “data incident” likely caused by unauthorized access from an unknown attacker. The company said it took immediate action to contain the breach and prevent further intrusion after detecting the attack.
The incident has had a broad impact because ChipSoft’s systems are integrated into the infrastructure of many hospitals. Reports indicate that roughly 70% of hospitals in the Netherlands rely on the company’s software to manage patient information, making the attack particularly disruptive.
In response, Z-CERT, the cybersecurity emergency response team for the Dutch healthcare sector, advised hospitals and healthcare institutions to disconnect from ChipSoft systems and closely monitor their internal networks for signs of compromise. This precautionary measure is intended to limit potential spread or further unauthorized access within hospital environments.
The affected software includes multiple versions of ChipSoft’s HiX platform, such as on-premise installations, cloud-based systems, and patient portals. These systems are commonly used to store and process sensitive patient data, increasing concerns about possible data exposure.
At this stage, ChipSoft has not confirmed whether any patient data was stolen, but it has not ruled out that possibility. The identity of the attackers also remains unknown, and the investigation into the scope and impact of the incident is ongoing.
Despite the warnings, not all hospitals have fully disconnected their systems. Some institutions have kept patient portals online, while others have taken services offline as a precaution. This has led to varying levels of disruption across healthcare providers.
The incident highlights the vulnerability of healthcare infrastructure to ransomware attacks, particularly when widely used third-party software becomes a target. Hospitals depend heavily on such systems for daily operations, meaning even precautionary shutdowns can affect access to patient data and clinical workflows.