Sufferers of Dutch psychological well being clinics are being warned that their private data have fallen into the palms of hackers following a safety breach at a web-based portal that “assured” their privateness.
Netherlands-based expertise firm Nedap disclosed on 25 October a hacking incident of its Carenzorgt.nl portal, utilized by hundreds of healthcare establishments all through the nation to share digital well being data and private knowledge.
The corporate says that it was made conscious of a vulnerability within the Carenzorgt.nl system (also called “Caren”) on the morning of 17 October, and “resolved it instantly.” Â Nevertheless, a subsequent investigation decided that the vulnerability had been exploited by hackers to achieve unauthorised entry to affected person data.
Amongst the victims are 184 purchasers of psychological well being clinics Reinier van Arkel and Ypse in Den Bosch.
The incident has worrying echoes of the assault in 2020 of Finnish psychotherapy clinic Vasataamo that noticed hackers not solely steal the extremely confidential and delicate notes from remedy periods, but additionally ended up with particular person sufferers receiving threats saying that until they paid a ransom inside 72 hours their non-public info can be revealed on the web.
In that incident, the hacker stole psychotherapy particulars on hundreds of sufferers, with at the very least 2000 victims finally having their session notes revealed on the darkish internet.
Vasataamo’s CEO misplaced his job, and the agency declared itself bankrupt the next yr because the injury to its fame was inconceivable to restore.
Let’s hope the identical destiny doesn’t befall the remedy clinics whose sufferers have been affected by this newest breach, as from the sound of issues, the safety failure was not with them however as an alternative with Nedap’s Carenzorgt.nl portal.
One ray of sunshine is that final week Dutch police arrested a 19-year-old man in reference to the hack.
Authorities are mentioned to be investigating whether or not {the teenager} may need bought any of the stolen knowledge to others, who may try and monetise the delicate knowledge.