Bitmarck, which is one of the main IT service providers working inside Germany’s statutory health insurance system, said on Sunday that it had taken all of its client and internal systems down owing to a cyberattack that had been launched against the company.
The specifics of the attack have not been made public at this time. The corporation issued a statement on its temporary website stating that it has found no evidence of a data theft, but it did warn that investigations by independent specialists are still going on.
Bitmarck, a company that has over 1,600 employees, has said that both the customer and internal systems have been taken down as a safety measure. It emphasized that the patient information it stores is subject to additional safeguards and was not “in danger” as a result of the incident.
When these services are taken down, it has an effect on a wide variety of people and organizations who are affiliated with Bitmarck’s services, notably those that depend on the firm to issue electronic illness certificates, which are used in Germany to pay workers while they are out from work.
Bitmarck also issued a warning that the pharmacies with whom it collaborates may potentially have technical issues. The company said, however, that it intended to put the affected systems back up in a careful way so as to limit the effect and the danger to customers.
The business added in its statement that it expected interruptions to persist “for the foreseeable future,” since whole data centers had been pulled down, and resuming them would likely be followed by temporary service failure.
The firm issued the following statement in response to the disruption: “We deeply regret the inconvenience caused to our customers, service providers, and insured persons and are working to restore the systems as quickly as possible.”
It was stated that owing to continuing forensic investigations and inquiries by the authorities, it was unable to identify the individuals who carried out the act.
Following a similar cyberattack in January that resulted in the theft of more than 300,000 insurance policyholders’ personal information from Bitmarck’s internal systems, another cyberattack occurred in April.
Initially, the firm said that no policyholder data had been stolen; however, it subsequently found out that personally identifiable information, such as names, dates of birth, and insurance card identification numbers, had been taken.
Bitmarck “cannot answer” the issue of who hacked its network and how, and as of the time of publication, the company has not responded to the inquiries made on how the attackers broke in and what data they viewed while they were within the network.
After the company’s early warning tool discovered a breach in one of its internal systems, Bismarck stated that it “immediately” informed law enforcement and government regulators, and it also brought in outside security specialists.
Information security specialist, currently working as risk infrastructure specialist & investigator.
15 years of experience in risk and control process, security audit support, business continuity design and support, workgroup management and information security standards.
