German IT services provider Bitmarck on Monday announced that it has shut down customer and internal systems following a cyberattack.
Headquartered in Essen, Bitmarck is one of the largest IT companies in Germany, providing technical infrastructure and services to over 80 organizations in the public health insurance sector.
On May 1, the company announced that its early warning systems were triggered by an attack on its internal network, to which it responded by promptly taking data centers and other systems offline.
According to Bitmarck, no customer or insured individuals’ data appears to have been stolen in the incident. Patient data, which is subject to special protection under German regulation, “was and is never endangered by the attack”, the company says.
The IT giant says it has already started restoration operations, but that some systems will take longer to restore, as the operation is performed in line with a ‘security and priority-oriented process’.
According to the company, systems for “the digital processing of electronic certificates of incapacity for work (eAU) and access to the electronic patient file (ePA)” have been restored or will be restored shortly.
“Internal health insurance services such as the transmission of statistical data at the end of the month, the KIM specialist service and central processes for processing in the health insurance companies are currently or will be available again shortly,” Bitmarck also notes.
The company is also considering setting up a temporary emergency operating environment to provide health insurance companies with the necessary services, such as payment transactions.
Although services are gradually coming back online, Bitmarck expects the disruptions to continue for the foreseeable future, given that entire data centers were shut down in some cases, leading to services having to be restarted due to potential failures.
The company says it has informed law enforcement of the incident and that it is working with external security experts, with its customers, and relevant authorities to recover from the attack.
Bitmarck says it cannot share details on the attackers, due to the ongoing investigation. It’s unclear whether the massive disruption was caused by ransomware or another type of attack, or if the firm pulled the plug before a payload was executed.
Related: MSI Confirms Cyberattack, Issues Firmware Download Guidance
