Healthcare IT solutions provider ChipSoft hit by ransomware attack

Source: Bleeping Computer

Incident Overview

Dutch healthcare software vendor ChipSoft was hit by a ransomware attack that forced the company to take its website and digital services for patients and healthcare providers offline. ChipSoft is a major provider of Electronic Health Record (EHR) systems in the Netherlands, with its flagship platform HiX used by many Dutch hospitals.

Earlier this week, users on Reddit reported that the digital solutions developer for the healthcare sector was affected by a cybersecurity incident. Local media confirmed the cyberattack based on an internal memo ChipSoft circulated to healthcare institutions, alerting them of “possible unauthorized access.”

Response and Mitigation

The IT services provider assured healthcare center operators that it was taking all measures to “limit the adverse consequences as much as possible,” advising them to disconnect from its systems until cleanup is completed.

The country’s computer emergency response team for cybersecurity in healthcare (Z‑CERT) announced that a ransomware incident had impacted ChipSoft. The agency is working with the firm and healthcare institutions to identify the impact and help them recover.

As a precaution, ChipSoft disabled all connections to its Zorgportaal, HiX Mobile, and Zorgplatform digital health services.

Reported Outages

While some Dutch media outlets reported that most patient‑facing systems were working normally, multiple reports indicated that the same systems were unavailable at various hospitals:

• Sint Jans Gasthuis in Weert
• Laurentius in Roermond
• VieCuri hospital in Venlo
• Flevo Hospital in Almere

Context and Related Incidents

Cyberattacks on healthcare IT providers can be especially damaging, as these companies manage large volumes of sensitive patient data across multiple institutions.

• Last month, healthcare IT firm CareCloud disclosed a data breach that exposed sensitive data and caused a multi‑hour service disruption.
• In March 2026, Cognizant’s healthcare IT subsidiary TriZetto Provider Solutions suffered a breach affecting over 3.4 million people.

Additional Resources

Automated Pentesting Covers Only 1 of 6 Surfaces

Automated pentesting proves the path exists. BAS proves whether your controls stop it. Most teams run one without the other. This whitepaper maps six validation surfaces, shows where coverage ends, and provides practitioners with three diagnostic questions for any tool evaluation.