
Bitmarck shuts down all customer, internal systems after cyberattack

German IT services provider Bitmarck has shut down all of its customer and internal systems, including entire datacenters in some cases, following a cyberattack. 

The company, one of the largest service providers for German health insurers, said no customer, patient, or insured individuals’ data had been accessed in the security breach — at least not based on “the current state of knowledge,” according to an April 30 update posted on its temporary website.

Patient data “was and is never endangered by the attack,” the alert read, noting that this sensitive information is subject to “special protection” under Germany’s Gematik healthcare data regulations. 

“The security of customer, insured and patient data had and still has the highest priority both when defending against the attack and when putting our systems back into operation,” Bitmarck assured customers.

Bitmarck sunk

The service provider doesn’t yet have a timeline for when it expects to have all of its systems back up and running. “It should be noted that the systems can be put back into operation at different speeds depending on the customer situation,” according to the alert.

“Services that are already available or will be available shortly include, in particular, the digital processing of electronic certificates of incapacity for work (eAU) and access to the electronic patient file (ePA),” it noted, adding that other key services, including monthly transmission of statistical data, the KIM digital communication service, and health insurance companies’ central processing services “will be available again shortly.”

Bitmarck said it’s also looking into setting up a short-term IT environment to bring health insurers’ central processes — such as payments — back online.  

While its IT and security teams are “working to restore the systems as quickly as possible,” it may be a while before its managed services are performing at pre-cyberattack levels, the company warned. According to the notice:

Bitmarck “cannot answer” the question of who attacked its network and how, and at press time did not respond to The Register’s inquiries about how the intruders broke in, and what data they accessed in the breach.

After the firm’s early warning tool detected a breach of one of its internal systems, Bitmarck said it “immediately” informed law enforcement and government regulators, and brought in external security experts.

“The specialists of the LKA are also closely involved in the analysis of the facts,” the biz said. “BITMARCK is also working closely with its customers, the Federal Ministry of Health, associations, Gematik and other players in the healthcare market to process the incident.” ®