Ransomware attack disrupts Dutch healthcare software provider ChipSoft

ChipSoft, a Netherlands-based developer of electronic health record software, has been hit by a ransomware attack that forced the company to take its website and several digital healthcare services offline, affecting hospitals and care providers across the country.

The incident prompted ChipSoft to disable connections to key platforms, including its Zorgportaal, HiX Mobile, and Zorgplatform services, as it worked to contain the breach and prevent further disruption. The company develops HiX, a widely used electronic health record system deployed across numerous Dutch hospitals.

The country’s healthcare cybersecurity response organization, Z-CERT, confirmed that the disruption stemmed from a ransomware incident and is coordinating with ChipSoft and affected healthcare institutions to assess the scope of the attack and support recovery efforts.

ChipSoft notified healthcare partners through an internal communication that there may have been unauthorized access to its systems. The company urged healthcare providers to disconnect from its infrastructure as a precaution while mitigation and cleanup measures are underway. It also stated that efforts are ongoing to limit the impact of the incident.

Reports from multiple hospitals indicate that digital systems tied to ChipSoft’s services have experienced outages. Confirmed disruptions have been observed at Sint Jans Gasthuis in Weert, Laurentius Hospital in Roermond, VieCuri Medical Center in Venlo, and Flevo Hospital in Almere. While some patient-facing systems continue to operate, availability appears to vary across institutions.

ChipSoft has not released further technical details about the attack or disclosed whether sensitive data was accessed or encrypted as part of the ransomware operation.

Cyberattacks targeting healthcare IT providers can have widespread consequences, as these companies often serve as centralized data and service hubs for multiple medical institutions, managing large volumes of sensitive patient information.